Recommendations for information security awareness training for college students-Reference-Cited by-同舟云学术

Recommendations for information security awareness training for college students

Published:2014-03-04 Issue:1 Volume:22 Page:115-126
ISSN:0968-5227
Container-title:Information Management & Computer Security
language:en
Short-container-title:

Author:

B. Kim Eyong

Abstract

Purpose – The purpose of this paper is to survey the status of information security awareness among college students in order to develop effective information security awareness training (ISAT). Design/methodology/approach – Based on a review of the literature and theoretical standpoints as well as the National Institute of Standards and Technology Special Publication 800-50 report, the author developed a questionnaire to investigate the attitudes toward information security awareness of undergraduate and graduate students in a business college at a mid-sized university in New England. Based on that survey and the previous literature, suggestions for more effective ISAT are provided. Findings – College students understand the importance and the need for ISAT but many of them do not participate in it. However, security topics that are not commonly covered by any installed (or built-in) programs or web sites have a significant relationship with information security awareness. It seems that students learned security concepts piecemeal from variety of sources. Practical implications – Universities can assess their ISAT for students based on the findings of this study. Originality/value – If any universities want to improve their current ISAT, or establish it, the findings of this study offer some guidelines.

Publisher

Emerald

Subject

Library and Information Sciences,Management Science and Operations Research,Business and International Management,Management Information Systems

Reference41 articles.

1. Abraham, S. and Chengalur-Smith, I. (2010), “An overview of social engineering malware: trends, tactics, and implications”, Technology in Society, Vol. 32 No. 3, pp. 183-196.

2. Aytes, K. and Terry, C. (2004), “Computer security and risky computing practices: a rational choice perspective”, Journal of Organizational and End User Computing, Vol. 16 No. 3, pp. 22-40.

3. Bakhski, T. , Papadaki, M. and Furnell, S. (2009), “Social engineering: assessing vulnerabilities in practice”, Information Management & Computer Security, Vol. 17 No. 1, pp. 53-63.

4. Ceraolo, J.P. (1996), “Penetration testing through social engineering”, Information Systems Security, Vol. 4 No. 4, pp. 37-48.

5. Cisco Systems (2008), “Data leakage worldwide: the high cost of insider threats”, available at: www.cisco.com/en/US/solutions/collateral/ns170/ns896/ns895/white_paper_c11-506224.pdf.

Cited by 57 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. A Taxonomy of SETA Methods and Linkage to Delivery Preferences;ACM SIGMIS Database: the DATABASE for Advances in Information Systems;2023-10-23

2. Validation and application of the human aspects of information security questionnaire for undergraduates: effects of gender, discipline and grade level;Behaviour & Information Technology;2023-10-10

3. Want to Raise Cybersecurity Awareness? Start with Future IT Professionals.;Proceedings of the 2023 Conference on Innovation and Technology in Computer Science Education V. 1;2023-06-29

4. User perception of Context-Based Micro-Training – a method for cybersecurity training;Information Security Journal: A Global Perspective;2023-06-09

5. Exploring the role of gamified information security education systems on information security awareness and protection behavioral intention;Education and Information Technologies;2023-05-03