A Dynamic and Adaptive Information Security Awareness (DAISA) Approach
2005 (English)Doctoral thesis, monograph (Other academic)
Information systems fail not only because of problems with technology used and technical incompetence of professionals administering them but also because of lack of security awareness to the end users. In addition, various research results have revealed that security and reliability of IS/IT systems is a function of technology, processes and people.
This research has focused on the latter aiming at developing an integrated information security education, training and awareness learning continuum. Particularly, the research has focused on developing countries where a little has been done to address information security learning continuum. The research has been done in two cyclic phases in which cycle one has chiefly addressed security education and training aspects whereas cycle two has mainly focused on security awareness aspects. Based on empirical analysis of security practices in organisations; the thesis proposes a Dynamic and Adaptive Information Security Awareness (DAISA) approach. Founded on six interdependent pillars, the approach delineates high level guidelines for establishing and maintaining information security awareness programs at workplaces.
Place, publisher, year, edition, pages
Kista: Institutionen för data- och systemvetenskap (tills m KTH) , 2005. , 226 p.
Report Series / Department of Computer & Systems Sciences, ISSN 1101-8526 ; 05-020
IdentifiersURN: urn:nbn:se:su:diva-743ISBN: 91-7155-154-9OAI: oai:DiVA.org:su-743DiVA: diva2:198251
2005-12-09, sal D, Forum, Isafjordsgatan 39, Kista, 10:00