A Holistic Evaluation Model for Information Security Awareness Programs in Work Environment

被引:0
|
作者
Alharbi, Talal [1 ]
机构
[1] Univ Jeddah, Cybersecur Dept, Coll Comp Sci & Engn, Jeddah, Saudi Arabia
来源
2023 EIGHTH INTERNATIONAL CONFERENCE ON MOBILE AND SECURE SERVICES, MOBISECSERV | 2023年
关键词
compliance; policy; awareness; human factors; security culture;
D O I
10.1109/MOBISECSERV58080.2023.10329041
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Cybersecurity Awareness (CSA) programs play an crucial role in avoiding the human errors that lead to cyberattacks. Traditional CSA programs depends on self-reporting methods to assess the employees knowledge and behavior. However, relying on self-reporting methods may yield in inaccurate measurements and pose challenges in monitoring the change and improvement in employees behavior and compliance. In this paper, we propose a novel framework to assess the employees' behavior, by passive and active techniques that collect data from different sources. Our proposed method supports Machine Learning (ML) for data analysis to identify security risky behavior and recommend the most effective program to each group of employees based on their needs.
引用
收藏
页数:4
相关论文
共 50 条
  • [1] Investigation of stakeholders commitment to information security awareness programs
    Abawajy, Jernal H.
    Thatcher, K.
    Kim, Tai-hoon
    PROCEEDINGS OF THE SECOND INTERNATIONAL CONFERENCE ON INFORMATION SECURITY AND ASSURANCE, 2008, : 472 - +
  • [2] Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation
    Bernik, Igor
    Prislan, Kaja
    PLOS ONE, 2016, 11 (09):
  • [3] A model for information security vulnerability awareness
    Mejias, Roberto J.
    Greer, Joshua J.
    Greer, Gabrila C.
    Shepherd, Morgan M.
    Reyes, Raul Y.
    Computers and Security, 2025, 151
  • [4] Information security management: An information security retrieval and awareness model for industry
    Kritzinger, E.
    Smith, E.
    COMPUTERS & SECURITY, 2008, 27 (5-6) : 224 - 231
  • [5] Holistic information security management in multi-organization environment
    Wiander, Tirno
    Savola, Reijo
    Karppinen, Kaarina
    Rapeli, Mikko
    2006 IEEE INTERNATIONAL SYMPOSIUM ON INDUSTRIAL ELECTRONICS, VOLS 1-7, 2006, : 2942 - 2947
  • [6] Password retrieval programs in education and their effects on information security awareness
    Antonia, Szasz
    Gabor, Kiss
    INFORMACIOS TARSADALOM, 2018, 18 (3-4): : 82 - +
  • [7] Evaluation of Users' Awareness and Their Reaction on Information Security
    Zeki, Akram M.
    Hamid, Habiba
    2015 4TH INTERNATIONAL CONFERENCE ON ADVANCED COMPUTER SCIENCE APPLICATIONS AND TECHNOLOGIES (ACSAT), 2015, : 251 - 255
  • [8] Towards an Information Security Awareness Maturity Model
    Fertig, Tobias
    Schuetz, Andreas E.
    Weber, Kristin
    Mueller, Nicholas H.
    LEARNING AND COLLABORATION TECHNOLOGIES. HUMAN AND TECHNOLOGY ECOSYSTEMS, LCT 2020, PT II, 2020, 12206 : 587 - 599
  • [9] An Analysis of Information Security Awareness within Home and Work Environments
    Talib, Shuhaili
    Clarke, Nathan L.
    Furnell, Steven M.
    FIFTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY: ARES 2010, PROCEEDINGS, 2010, : 196 - 203
  • [10] Factors Influencing Employees' Information Security Awareness in the Telework Environment
    Zhen, Jie
    Dong, Kunxiang
    Xie, Zongxiao
    Chen, Lin
    ELECTRONICS, 2022, 11 (21)
12345