Projects per year
Abstract
The purpose of this research is to analyze information security awareness (ISA) programs and the measurement of ISA behavior in banking organizations. The underlying paper summarizes the qualitative and exploratory part of our two-staged mixed methods research on the improvement of employee security behavior concerning IT operational risks. IT operational loss events are often caused by undesirable security behavior of employees concerning information technology. Organizations conduct ISA programs to build employees’ security awareness concerning information technology to prevent IT operational loss events. Ten semi-structured qualitative expert interviews were carried out to explore potentials for improvement of ISA programs. Our findings focus on the character of ISA delivery methods and the implemented controls for these methods. Further research should shed light on the effectiveness of experimental and proactive ISA controlling. The outcome provides input for practice in the area of ISA building in the financial sector.
Original language | English |
---|---|
Number of pages | 33 |
Publication status | Published - 14 Dec 2013 |
Event | AIS SIGSEC Workshop on Information Security & Privacy (WISP2013) - Milano, Italy Duration: 14 Dec 2013 → 14 Dec 2013 |
Workshop
Workshop | AIS SIGSEC Workshop on Information Security & Privacy (WISP2013) |
---|---|
Country/Territory | Italy |
City | Milano |
Period | 14/12/13 → 14/12/13 |
Bibliographical note
Proceedings of the Eighth Pre-ICIS Workshop on Information Security and Privacy, Milano, December 14, 2013Fingerprint
Dive into the research topics of 'End User Information Security Awareness Programs for Improving Information Security in Banking Organizations: Preliminary Results from an Exploratory Study'. Together they form a unique fingerprint.Projects
- 1 Finished
-
IT Operational Risk Awareness Building in Banking Organizations
Bernroider, E. (PI), Bauer, S. (CoI) & Chudzikowski, K. (CoI)
1/03/13 → 28/02/15
Project: Research-related funding