A Constructive Approach to Information Systems Security Training: An Action Research Experience
作者: Juhani Heikka
DOI:
关键词:
摘要: Information systems (IS) security breaches cause significant losses to organizations worldwide. Many approaches have been introduced in order improve employees’ behavior. Earlier research shows that only seven out of 59 are based on sound theoretical background, and the area IS awareness behavior has neglected use relevant theories psychology, pedagogy management. The lack utilizing may a negative impact effectiveness training understanding how change towards compliance organizational information policies. In this paper we describe theoretically grounded approach constructivism. is empirically validated telecommunications company. results show positive
参考文章(32)
Carl A. Roper, Joseph Grau, Lynn F. Fischer, Security education, awareness, and training : from theory to practice Elsevier Butterworth-Heinemann. ,(2006)
Bernard Burnes, Managing change : a strategic approach to organisational development and renewal Pitman. ,(1992)
Kregg Aytes, Terry Connolly, A Research Model for Investigating Human Behavior Related to Computer Security americas conference on information systems. pp. 260- ,(2003)
R. Power, CSI/FBI computer crime and security survey Computer Security Journal. ,vol. 17, pp. 20- 51 ,(2001)
Kevin McLean, Information Security Awareness - Selling the Cause information security. pp. 179- 193 ,(1992)
Juhani Heikka, Richard Baskerville, Mikko Siponen, None, A Design Theory for Secure Information Systems Design Methods Journal of the Association for Information Systems. ,vol. 7, pp. 31- ,(2006) , 10.17705/1JAIS.00107
Rebecca Herold, Managing an information security and privacy awareness and training program ,(2005)
Dale H. Schunk, Learning Theories: An Educational Perspective ,(1996)
Fredrik J Björck, Institutional Theory : A New Perspective for Research into IS/IT Security ,(2004)