A study of information security awareness in Australian government organisations. Issue 4 (7th October 2014)
- Record Type:
- Journal Article
- Title:
- A study of information security awareness in Australian government organisations. Issue 4 (7th October 2014)
- Main Title:
- A study of information security awareness in Australian government organisations
- Authors:
- Parsons, Kathryn
McCormac, Agata
Pattinson, Malcolm
Butavicius, Marcus
Jerram, Cate - Abstract:
- <abstract> <title> <x content-type="archive" xml:space="preserve">Abstract</x> </title> <sec> <title content-type="abstract-heading">Purpose</title> <p> – The purpose of this paper is to investigate the human-based information security (InfoSec) vulnerabilities in three Australian government organisations. </p> </sec> <sec> <title content-type="abstract-heading">Design/methodology/approach</title> <p> – A Web-based survey was developed to test attitudes, knowledge and behaviour across eight policy-based focus areas. It was completed by 203 participants across the three organisations. This was complemented by interviews with senior management from these agencies. </p> </sec> <sec> <title content-type="abstract-heading">Findings</title> <p> – Overall, management and employees had reasonable levels of InfoSec awareness. However, weaknesses were identified in the use of wireless technology, the reporting of security incidents and the use of social networking sites. These weaknesses were identified in the survey data of the employees and corroborated in the management interviews. </p> </sec> <sec> <title content-type="abstract-heading">Research limitations/implications</title> <p> – As with all such surveys, responses to the questions on attitude and behaviour (but not knowledge) may have been influenced by the social desirability bias. Further research should establish more extensive baseline data for the survey and examine its effectiveness in assessing the impact of training<abstract> <title> <x content-type="archive" xml:space="preserve">Abstract</x> </title> <sec> <title content-type="abstract-heading">Purpose</title> <p> – The purpose of this paper is to investigate the human-based information security (InfoSec) vulnerabilities in three Australian government organisations. </p> </sec> <sec> <title content-type="abstract-heading">Design/methodology/approach</title> <p> – A Web-based survey was developed to test attitudes, knowledge and behaviour across eight policy-based focus areas. It was completed by 203 participants across the three organisations. This was complemented by interviews with senior management from these agencies. </p> </sec> <sec> <title content-type="abstract-heading">Findings</title> <p> – Overall, management and employees had reasonable levels of InfoSec awareness. However, weaknesses were identified in the use of wireless technology, the reporting of security incidents and the use of social networking sites. These weaknesses were identified in the survey data of the employees and corroborated in the management interviews. </p> </sec> <sec> <title content-type="abstract-heading">Research limitations/implications</title> <p> – As with all such surveys, responses to the questions on attitude and behaviour (but not knowledge) may have been influenced by the social desirability bias. Further research should establish more extensive baseline data for the survey and examine its effectiveness in assessing the impact of training and risk communication interventions. </p> </sec> <sec> <title content-type="abstract-heading">Originality/value</title> <p> – A new survey tool is presented and tested which is of interest to academics as well as management and IT systems (security) auditors.</p> </sec> </abstract> … (more)
- Is Part Of:
- Information management & computer security. Volume 22:Issue 4(2014)
- Journal:
- Information management & computer security
- Issue:
- Volume 22:Issue 4(2014)
- Issue Display:
- Volume 22, Issue 4 (2014)
- Year:
- 2014
- Volume:
- 22
- Issue:
- 4
- Issue Sort Value:
- 2014-0022-0004-0000
- Page Start:
- 334
- Page End:
- 345
- Publication Date:
- 2014-10-07
- Subjects:
- Information technology -- Management -- Periodicals
Management information systems -- Periodicals
Computer security -- Periodicals
658.05 - Journal URLs:
- http://info.emeraldinsight.com/products/journals/journals.htm?id=imcs ↗
http://www.emeraldinsight.com/0968-5227.htm ↗
http://www.emeraldinsight.com/imcs.htm ↗
http://www.emeraldinsight.com/ ↗
http://firstsearch.oclc.org ↗ - DOI:
- 10.1108/IMCS-10-2013-0078 ↗
- Languages:
- English
- ISSNs:
- 0968-5227
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4493.687056
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 3101.xml