Welcome to the InfoSci Platform
Reference Hub12
Analyzing Human Factors for an Effective Information Security Management System

Analyzing Human Factors for an Effective Information Security Management System

Reza Alavi, Shareeful Islam, Hamid Jahankhani, Ameer Al-Nemrat
Copyright: © 2013 |Volume: 4 |Issue: 1 |Pages: 25
ISSN: 1947-3036|EISSN: 1947-3044|EISBN13: 9781466631113|DOI: 10.4018/jsse.2013010104
Cite Article Cite Article

MLA

Alavi, Reza, et al. "Analyzing Human Factors for an Effective Information Security Management System." IJSSE vol.4, no.1 2013: pp.50-74. http://doi.org/10.4018/jsse.2013010104

APA

Alavi, R., Islam, S., Jahankhani, H., & Al-Nemrat, A. (2013). Analyzing Human Factors for an Effective Information Security Management System. International Journal of Secure Software Engineering (IJSSE), 4(1), 50-74. http://doi.org/10.4018/jsse.2013010104

Chicago

Alavi, Reza, et al. "Analyzing Human Factors for an Effective Information Security Management System," International Journal of Secure Software Engineering (IJSSE) 4, no.1: 50-74. http://doi.org/10.4018/jsse.2013010104

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Managing security is essential for organizations doing business in a globally networked environment and for organizations that are at the same time seeking to achieve their missions and goals. However, numerous technical advancements do not always produce a more secure environment. All kinds of human factors can deeply affect the management of security in an organizational context. Therefore, security is not solely a technical problem; rather, the authors need to understand human factors, which need adequate attention to achieve an effective information security management system practice. This paper identifies direct and indirect human factors that have impact on information security. These factors were analyzed through the study of two security incidents of the UK’s financial organizations using the SWOT (Strength, Weaknesses, Opportunities, and Threats) technique. The study’s results show that human factors are the main causes for these security incidents. Factors such as training, awareness, and security culture influence organizational strength and opportunity relating to information security. People’s irrational behavior and errors are the main weaknesses highlighted in security incidents, which pose threats such as poor reputation and high costs.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.