scholarly journals PRIORITY DIRECTIONS FOR THE DEVELOPMENT OF PROFESSIONAL ORIENTATION OF CADETS OF MILITARY INSTITUTES ON INFORMATION SECURITY

2021 ◽  
pp. 201-210
Author(s):  
Александр Михайлович Казимирович
Keyword(s):  
Information Security ◽  
Correlation Analysis ◽  
Research Methods ◽  
Diagnostic Tools ◽  
Expert Assessment ◽  
Educational Work ◽  
Professional Orientation ◽  
Security Culture ◽  
Work Program ◽  
Information Security Culture

Представлены результаты экспертной оценки мероприятий, способствующих развитию профессиональной направленности на информационную безопасность, а также характеристик качеств (свойств) личности, способствующих развитию культуры информационной безопасности. Объектом исследования является профессиональная направленность на информационную безопасность. Целью представленной статьи является выявление эффективных направлений развития профессиональной направленности на информационную безопасность. Для достижения указанной цели использовались следующие методы исследования: опрос, экспертная оценка, корреляционный анализ. Результаты экспертной оценки позволили выявить наиболее эффективные мероприятия, способствующие развитию профессиональной направленности на информационную безопасность. Корреляционный анализ полученных результатов позволил определить явные зависимости между рассматриваемыми качествами личности и выделить три основных блока качеств личности: «Понимание информационной безопасности», «Профессионально важные качества» и «Общекультурные компетенции». Перечисленные блоки позволяют подобрать диагностические средства для оценки результативности реализации программы воспитательной работы по развитию профессиональной направленности на информационную безопасность. This article presents the results of an expert assessment of the activities that contribute to the development of professional orientation to information security, as well as the characteristics of the qualities (properties) of a person that contribute to the development of an information security culture. The object of the study is a professional orientation to information security. The purpose of the presented article is to identify effective directions for the development of professional orientation to information security. To achieve this goal, the following research methods were used: survey, expert assessment, correlation analysis. The results of the expert assessment made it possible to identify the most effective measures that contribute to the development of professional orientation to information security. The correlation analysis of the obtained results allowed us to determine the obvious dependencies between the considered personality qualities and to identify 3 main blocks of personality qualities: «Understanding of information security», «Professionally important qualities» and «General Cultural competencies». These blocks allow you to select diagnostic tools to assess the effectiveness of the implementation of the educational work program for the development of professional orientation to information security.

Information security culture – state-of-the-art review between 2000 and 2013

2015 ◽  
Vol 23 (3) ◽  
pp. 246-285 ◽  
Author(s):  
Fredrik Karlsson ◽  
Joachim Åström ◽  
Martin Karlsson
Keyword(s):  
Information Security ◽  
Research Methods ◽  
State Of The Art ◽  
Assessment Tools ◽  
Future Research ◽  
Research Topics ◽  
Content Type ◽  
Security Culture ◽  
Systems Research ◽  
Information Security Culture

Purpose – The aim of this paper is to survey existing information security culture research to scrutinise the kind of knowledge that has been developed and the way in which this knowledge has been brought about. Design/methodology/approach – Results are based on a literature review of information security culture research published between 2000 and 2013 (December). Findings – This paper can conclude that existing research has focused on a broad set of research topics, but with limited depth. It is striking that the effects of different information security cultures have not been part of that focus. Moreover, existing research has used a small repertoire of research methods, a repertoire that is more limited than in information systems research in general. Furthermore, an extensive part of the research is descriptive, philosophical or theoretical – lacking a structured use of empirical data – which means that it is quite immature. Research limitations/implications – Findings call for future research that: addresses the effects of different information security cultures; addresses the identified research topics with greater depth; focuses more on generating theories or testing theories to increase the maturity of this subfield of information security research; and uses a broader set of research methods. It would be particularly interesting to see future studies that use intervening or ethnographic approaches because, to date, these have been completely lacking in existing research. Practical implications – Findings show that existing research is, to a large extent, descriptive, philosophical or theoretical. Hence, it is difficult for practitioners to adopt these research results, such as frameworks for cultivating or assessment tools, which have not been empirically validated. Originality/value – Few state-of-the-art reviews have sought to assess the maturity of existing research on information security culture. Findings on types of research methods used in information security culture research extend beyond the existing knowledge base, which allows for a critical discussion about existing research in this sub-discipline of information security.

The formation of information security culture of college students

2019 ◽  
pp. 29-36
Author(s):  
I. D. Rudinskiy ◽  
D. Ya. Okolot
Keyword(s):  
College Students ◽  
Information Security ◽  
Information Society ◽  
Technical Aspect ◽  
Data Sources ◽  
Structural Components ◽  
Security Culture ◽  
The Individual ◽  
Information Security Culture ◽  
Ability And Willingness

The article discusses aspects of the formation of information security culture of college students. The relevance of the work is due to the increasing threats to the information security of the individual and society due to the rapid increase in the number of information services used. Based on this, one of the important problems of the development of the information society is the formation of a culture of information security of the individual as part of the general culture in its socio-technical aspect and as part of the professional culture of the individual. The study revealed the structural components of the phenomenon of information security culture, identified the reasons for the interest in the target group of students. It justifies the need for future mid-level specialists to form an additional universal competency that ensures the individual’s ability and willingness to recognize the need for certain information, to identify and evaluate the reliability and reliability of data sources. As a result of the study, recommendations were formulated on the basis of which a culture of information security for college students can be formed and developed and a decomposition of this process into enlarged stages is proposed. The proposals on the list of disciplines are formulated, within the framework of the study of which a culture of information security can develop. The authors believe that the recommendations developed will help future mid-level specialists to master the universal competency, consisting in the ability and willingness to recognize the need for certain information, to identify and evaluate the reliability and reliability of data sources, as well as to correctly access the necessary information and its further legitimate use, which ultimately forms a culture of information security.

scholarly journals Factorial invariance of an information security culture assessment instrument for multinational organisations with operations across data protection jurisdictions

2015 ◽  
Vol 4 (4) ◽  
pp. 47-58 ◽  
Author(s):  
Nico Martins ◽  
Adéle da Veiga
Keyword(s):  
Information Security ◽  
Data Protection ◽  
Personal Information ◽  
Theoretical Perspective ◽  
Factorial Invariance ◽  
Assessment Instrument ◽  
Security And Privacy ◽  
Security Culture ◽  
The Uk ◽  
Information Security Culture

An information security culture is influenced by various factors, one being regulatory requirements. The United Kingdom (UK) has been regulated through the UK Data Protection Act since 1995, whereas South Africa (SA) only promulgated the Protection of Personal Information Act (PoPI) in 2013. Both laws stipulate requirements from an information security perspective with regard to the processing of personal information, however in the UK this has been regulated for a longer period. Consequently, it is to be expected that the information security culture for organisations in the UK will be significantly different from that of SA. This raises the question as to whether the same information security culture assessment (ISCA) instrument could be used in an organisation with offices in both jurisdictions, and whether it might be necessary to customise it according the particular country’s enforcement of information security and privacy-related conditions. This is reviewed, firstly from a theoretical perspective, and secondly a factorial invariance analysis was conducted in a multinational organisation with offices in both the UK and SA, using data from an ISCA questionnaire, to determine possible factorial invariances in terms of the ISCA.

Investigating the Concept of Information Security Culture

2012 ◽  
pp. 1-12 ◽  
Author(s):  
Daniel Oost ◽  
Eng K. Chew
Keyword(s):  
Information Security ◽  
Future Research ◽  
Security Culture ◽  
Second Nature ◽  
Human Aspect ◽  
Concept Of Information ◽  
Mystical State ◽  
Published Research ◽  
Information Security Culture

The concept of an “information security culture” is relatively new. A review of published research on the topic suggests that it is not the information security panacea that has been suggested. Instead, it tends to refer to a range of existing techniques for addressing the human aspect of information security, oversimplifying the link between culture and behaviour, exaggerating the ease with which a culture can be adjusted, and treating culture as a monolith, set from the top. Evidence for some of the claims is also lacking. This chapter finds that the term “information security culture” is ambiguous and vague enough to suggest the possibility of achieving an almost mystical state, whereby behaviour consistent with information security is second nature to all employees, but when probed does not deliver. Instead, future research should be clear about what it considers information security culture to be, should provide evidence for claims, and should take complexity and context seriously.

Establishing a Personalized Information Security Culture

2012 ◽  
pp. 53-69 ◽  
Author(s):  
Shuhaili Talib ◽  
Nathan L. Clarke ◽  
Steven M. Furnell
Keyword(s):  
Information Security ◽  
Home Environment ◽  
Security Culture ◽  
Information Security Awareness ◽  
Use Of Technology ◽  
Awareness Programs ◽  
Awareness Raising ◽  
Knowledge And Practice ◽  
Information Security Culture ◽  
Individual Security

Good security cannot be achieved through technical means alone and a solid understanding of the issues and how to protect one’s self is required from users. Whilst many initiatives, programs and strategies have been proposed to improve the level of information security awareness, most have been directed at organizations. Given people’s use of technology is primarily focused between the workplace and home; this paper seeks to understand the knowledge and practice relationship between these environments. Through a developed survey, it was identified that the majority of the learning about information security occurred in the workplace, where clear motivations, such as legislation and regulation, existed. Results found that users were more than willing to engage with such awareness raising initiatives. From a comparison of practice between work and home environments, it was found that this knowledge and practice obtained at the workplace was transferred to the home environment. Given this positive transferability of knowledge and the willingness to learn about how to remain secure, an opportunity exists to move away from specific organizational awareness programs and to move towards awareness raising strategies that will develop an all-round individual security culture for users independent of the environment they are operating in.

Sign in / Sign up

Export Citation Format

Share Document