Analyzing Human Factors for an Effective Information Security Management System-Reference-Cited by-同舟云学术

Analyzing Human Factors for an Effective Information Security Management System

Published:2013-01 Issue:1 Volume:4 Page:50-74
ISSN:1947-3036
Container-title:International Journal of Secure Software Engineering
language:en
Short-container-title:

Author:

Alavi Reza¹,Islam Shareeful¹,Jahankhani Hamid¹,Al-Nemrat Ameer¹

Affiliation:

1. School of Architecture, Computing and Engineering, University of East London, London, UK

Abstract

Managing security is essential for organizations doing business in a globally networked environment and for organizations that are at the same time seeking to achieve their missions and goals. However, numerous technical advancements do not always produce a more secure environment. All kinds of human factors can deeply affect the management of security in an organizational context. Therefore, security is not solely a technical problem; rather, the authors need to understand human factors, which need adequate attention to achieve an effective information security management system practice. This paper identifies direct and indirect human factors that have impact on information security. These factors were analyzed through the study of two security incidents of the UK’s financial organizations using the SWOT (Strength, Weaknesses, Opportunities, and Threats) technique. The study’s results show that human factors are the main causes for these security incidents. Factors such as training, awareness, and security culture influence organizational strength and opportunity relating to information security. People’s irrational behavior and errors are the main weaknesses highlighted in security incidents, which pose threats such as poor reputation and high costs.

Publisher

IGI Global

Subject

General Medicine

Reference87 articles.

1. Users are not the enemy

2. Al-Awadi, M., & Renaud, K. (2007, July 3-6). Success factors in information security implementation in organizations. In Kommers, P., Isaias, P., & Chen, N. S. (Eds.), In Proceedings of the IADIS International Conference e-Society, Lisbon, Portugal.

3. Handbook of Research on Open Source Software

4. Basic concepts and taxonomy of dependable and secure computing

5. Aytes, K., & Connolly, T. (2003, August 4-6). A research model for investigating human behavior related to computer security. In Proceedings of the Ninth Americas Conference on Information Systems, Tampa, FL.

Cited by 13 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Existing Research on HRIS in Public Organizations;Professional Practice in Governance and Public Organizations;2023

2. The importance of information security for organizations;Serbian Journal of Engineering Management;2023

3. Identifying Strategies to Address Human Cybersecurity Behavior: A Review Study;INT J COMPUT SCI NET;2022

4. Human factor aspects in information security management in the traditional IT and cloud computing models;Operations Research and Decisions;2021

5. Existing Research on HRIS in Public Organizations;Management for Professionals;2021