|
Title:
|
SECURITY AWARENESS TRAINING THE CONTRIBUTION OF E-LEARNING TO THE FIELD OF IT-SECURITY MANAGEMENT |
|
Author(s):
|
Jan Vom Brocke , Heinz Lothar Grob , Gereon Strauch , Christian Buddendick |
|
ISBN:
|
978-972-8924-57-7 |
|
Editors:
|
Miguel Baptista Nunes, Pedro Isaías and Philip Powell |
|
Year:
|
2008 |
|
Edition:
|
Single |
|
Keywords:
|
IT security, security awareness training, e-learning, multi channel learning |
|
Type:
|
Full Paper |
|
First Page:
|
193 |
|
Last Page:
|
202 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
IT security is highly important for companies. The subject of IT security management is the development of techniques
that ensure the security of information systems. Actual surveys show, that human actions are the predominant reason for
operational disturbances. In regard to this fact IT security management has to be extended by specific elements that focus
on human behaviour. In this article therefore a security awareness management (SAM) is presented.
In order to gain insight into about this new field of security management first theoretical foundations of behavioural
science are analysed with respect to its use for SAM. These findings serve as a basis for the development of a process
model for the implementation of SAM in practice. In order to prove the model, results of its application in a project at the
European Research Center for Information Systems are presented. To handle the individual complexity for the users
deriving from the too large amount of learning content a procedure model was invented to identify individual learning
topics with a process based system and risk analysis. Finally the lessons learned out of this approach are summed up and
perspectives for further research are highlighted. |
|
|
|
|
|
|
