his.sePublikationer
Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Using ContextBased MicroTraining to enforce secure behavior among computer users
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningscentrum för Informationsteknologi. (Informationssystem, Information Systems)
2019 (Engelska)Konferensbidrag, Poster (med eller utan abstract) (Övrigt vetenskapligt)
Abstract [en]

Abstract: While there are many technical security controls available, the research- as well as the practitionercommunity agrees that a key aspect of information security is user behavior(Bulgurcu, Cavusoglu, & Benbasat, 2010; Safa & Von Solms, 2016). It is also well established that users are usually a target somewhere in the attack chain in any intrusion attempt at a computer system or network. Thus, measures has to be taken to enforce secure user behavior. While technical controls are an important part of security, making users understand the consequences of insecure behavior and behave in a secure way is another key to good security. A common suggestion, in this regard, is training (Puhakainen & Siponen, 2010). On the topic of training, Parsons (2018) suggests that training should not only be about learning security, but also make users stop and think before they act. In this presentation, ContextBased MicroTraining (CBMT), a framework for training users to behave securely and has been developed during several years is presented (Kävrestad & Nohlberg, 2015; Skärgård, 2017; Werme, 2014). CBMT aims to deliver information security training in short sequences and is in that regard similar to, for instance, nano learning. However, CBMT also stipulates that training should be delivered to users in a situation where it is of direct relevance. Thus, the training should be perceived as more relevant and bring a reminding effect. Following the presentation of CBMT, the poster will describe how CBMT has been evaluated so far and with what results. The poster will end with a discussion on future research directions and suggestions for practical implementations of CBMT. References Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS quarterly, 34(3), 523- 548. Kävrestad, J., & Nohlberg, M. (2015). Online Fraud Defence by Context Based Micro Training. Paper presented at the HAISA. Parsons, K., Butavicius, M., Lillie, M., Calic, D., McCormac, A., & Pattinson, M. (2018). Which individual, cultural, organisational and inerventional factors explain phishing resilience?. . Paper presented at the Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018) Dundee, Scotland, UK: University of Plymouth. Puhakainen, P., & Siponen, M. (2010). Improving employees' compliance through information systems security training: an action research study. MIS quarterly, 757-778. Safa, N. S., & Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442-451. Skärgård, M. (2017). Mikroträning som utbildningsmetod inom informationssäkerhet. In. Werme, J. (2014). Security awareness through micro-training: An initial evaluation of a context based micro-training framework. In

Ort, förlag, år, upplaga, sidor
2019.
Nationell ämneskategori
Data- och informationsvetenskap
Forskningsämne
Informationssystem (IS)
Identifikatorer
URN: urn:nbn:se:his:diva-17204OAI: oai:DiVA.org:his-17204DiVA, id: diva2:1327449
Konferens
19th Seminar within the Framework of a Swedish IT Security Network for PhD students, 3-4 June 2019, Karlstad
Tillgänglig från: 2019-06-19 Skapad: 2019-06-19 Senast uppdaterad: 2019-06-19Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Övriga länkar

https://swits.hotell.kau.se/AnnualSeminars/SWITS%202019/Swits%20program%202019.htm

Personposter BETA

Kävrestad, Joakim

Sök vidare i DiVA

Av författaren/redaktören
Kävrestad, Joakim
Av organisationen
Institutionen för informationsteknologiForskningscentrum för Informationsteknologi
Data- och informationsvetenskap

Sök vidare utanför DiVA

GoogleGoogle Scholar

urn-nbn

Altmetricpoäng

urn-nbn
Totalt: 9 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf