Abstract
Purpose
– The purpose of this paper is to describe the development, design, delivery and evaluation of a postgraduate information security subject that focuses on a managerial, rather than the more frequently reported technical perspective. The authors aimed to create an atmosphere of intellectual excitement and discovery so that students felt empowered by new ideas, tools and techniques and realized the potential value of what they were learning in the industry.
Design/methodology/approach
– The paper develops fundamental principles and arguments that inform the design and development of the teaching curriculum. The curriculum is aimed at security management professionals in general and consultants in particular. The paper explains the teaching method in detail including the specific topics of lectures, representative reading material, assessment tasks and feedback mechanisms. Finally, lessons learned by the authors and their conclusions are presented as a form of reflection.
Findings
– The instructors recognized four key factors that played a role in the atmosphere of intellectual excitement and motivation. These were new concepts and ideas, an increased level of engagement, opportunities for students to make their own discoveries and knowledge presented in a practical context. Maintaining a high quality of teaching resources, catering for diverse student needs and incorporating learning cycles of assessment in a short period of time were additional challenges.
Originality/value
– Most “information security” curricula described in research literature take a technology-oriented perspective. This paper presents a much-needed management point of view. The teaching curriculum (including assessment tasks) and experiences will be useful to existing and future teaching and research academics in “information security management”. Those interested in developing their own teaching material will benefit from the discussion on potential topic areas, choice of assessment tasks and selection of recommended reading material.
Subject
Library and Information Sciences,Management Science and Operations Research,Business and International Management,Management Information Systems
Reference61 articles.
1. Abdul Molok, N.
,
Ahmad, A.
and
Chang, S.
(2010), “Information leakage through online social networking: opening the doorway for advanced persistence threats”, Proceedings of the 8th Information Security Management Conference, Edith Cowan University, Perth, 30 November-2nd December, pp. 76-88.
2. Ahmad, A.
,
Hadjkiss, J.
and
Ruighaver, A.B.
(2012a), “Incident response teams - challenges in supporting the organizational security function”,
Computers & Security
, Vol. 31 No. 5, pp. 643-652.
3. Ahmad, A.
,
Maynard, S.
and
Park, S.
(2014), “Information security strategies: towards an organizational multi-strategy perspective”,
Journal of Intelligent Manufacturing
, Vol. 25 No. 2, pp. 357-370.
4. Ahmad, A.
,
Ruighaver, A.B.
and
Teo, W.T.
(2005), “An information-centric approach to data security in organizations”, in
Harris, R.
(Ed),
Proceedings of Tencon 2005: 2005 IEEE Region 10. 1-5
, Swinburne University, Melbourne.
5. Alberts, C.J.
and
Dorofee, A.J.
(2003),
Managing Information Security Risks: The OCTAVE Approach
. Addison-Wesley Professional, Boston.
Cited by
13 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献