
How to Train People to Increase Their Security Awareness in IT

  • Conference paper
Advanced Multimedia and Ubiquitous Engineering (FutureTech 2017, MUE 2017)

Abstract

One of the key issues concerning IT systems is Information Security Management. One of the security objectives in the ISO/IEC 27002:2013 standard concerns information security awareness, education and training. This area has many important aspects, but in this paper the authors focus on people, their knowledge and their security awareness. The authors introduce a model that can illustrate organization members, their relations and their knowledge about security. The results of simulations can be used to create training plans that increase their security awareness. Finally, the authors present a few cases in which different strategies of teaching people are tested, and the analysis is presented. If knowledge does not change under the influence of co-workers, it is better to train those with the smallest knowledge.




Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Niescieruk, A., Ksiezopolski, B., Nielek, R., Wierzbicki, A. (2017). How to Train People to Increase Their Security Awareness in IT. In: Park, J., Chen, SC., Raymond Choo, KK. (eds) Advanced Multimedia and Ubiquitous Engineering. FutureTech MUE 2017 2017. Lecture Notes in Electrical Engineering, vol 448. Springer, Singapore. https://doi.org/10.1007/978-981-10-5041-1_3


  • DOI: https://doi.org/10.1007/978-981-10-5041-1_3


  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-5040-4

  • Online ISBN: 978-981-10-5041-1

  • eBook Packages: Engineering, Engineering (R0)
