Fortifying Corporate Human Wall

Author(s):  
Anandharaman Pattabiraman ◽  
Sridhar Srinivasan ◽  
Kaushik Swaminathan ◽  
Manish Gupta

Data breaches from the last few years have made it evident that attackers are increasingly targeting the path of least resistance to compromise the security of organizations. Cyber security threats that exploit human behavior are becoming sophisticated and difficult to prevent. At the same time, humans are the countermeasures that can adapt more swiftly to a changing risk landscape than technological and procedural countermeasures. Organizations are implementing and enhancing their security awareness and training programs in an attempt to ensure that risks from human elements, which pose the greatest risks, are mitigated. The chapter conducts a thorough literature review in the area of security awareness and training and presents a classification scheme and a conceptual research model to provide insights into the existing body of knowledge in the area. Trends and analyses are also presented from the reviewed papers, which can be of importance to organizations in improving their security awareness programs. The insights from the study can be leveraged to build a strong human wall against both internal and external threats that are fast evolving and causing a tremendous amount of loss.

2022 ◽  
pp. 139-156
Author(s):  
Winfred Yaokumah

There is an urgent need for transformative changes in cyber security awareness and training programs to produce individuals and the workforce that can deal with business risks emanating from the prevailing and emerging cyber-attacks. This chapter proposes a cyber security competency model that integrates learning theories (cognitive, affective, and psychomotor), learning continuum hierarchy (awareness and training), and cyber security domain knowledge. Employing literature search of scholarly and practitioner works, together with cyber security standards from governmental and non-governmental organizations, the chapter integrates cyber security domain knowledge, learning theories, and learning continuum hierarchy to design a model of cyber security competencies suitable for use in educating individuals and the general workforce. This theoretical-based approach to designing cyber security awareness and training programs will produce skillful individuals and workforce that can mitigate cyber-attacks in the global business environment.


2022 ◽  
pp. 262-279
Author(s):  
Winfred Yaokumah

There is an urgent need for transformative changes in cyber security awareness and training programs to produce individuals and the workforce that can deal with business risks emanating from the prevailing and emerging cyber-attacks. This chapter proposes a cyber security competency model that integrates learning theories (cognitive, affective, and psychomotor), learning continuum hierarchy (awareness and training), and cyber security domain knowledge. Employing literature search of scholarly and practitioner works, together with cyber security standards from governmental and non-governmental organizations, the chapter integrates cyber security domain knowledge, learning theories, and learning continuum hierarchy to design a model of cyber security competencies suitable for use in educating individuals and the general workforce. This theoretical-based approach to designing cyber security awareness and training programs will produce skillful individuals and workforce that can mitigate cyber-attacks in the global business environment.


Cyber security is a constantly evolving area of interest. Many solutions are currently available, and new methods and technologies are emerging. Although some solutions already exist in extended reality, they lack engagement and storytelling, which decreases the probability of dissemination and awareness of the risks involved in cybersecurity. This chapter gives an overview of an extended reality platform that can potentially be used for the simulation of security threats and that combines artificial intelligence and game design principles. The main goal of this research is to develop an extended reality solution to simulate a story involving virtual characters and objects for the entertainment industry, with possible applications in other sectors such as education and training. After an introduction to extended reality, the chapter focuses on an overview of the available extended reality technologies in the context of cybersecurity.


Author(s):  
Sreekumar Pk ◽  
Pramod Kumar Tm ◽  
Partha Sarathi G ◽  
Debasish Gupta ◽  
Pallavi Prakash

Objective: The objective of this study is to evaluate the functioning and status of implementation of the hemovigilance program of India (HvPI) in the blood banks of southern Kerala. Methods: A survey approach was used to analyze the facilities, working nature, and status of implementation of the hemovigilance program by the blood banks located in the three districts of southern Kerala. Both government and private sector blood banks were subjected to the survey. A standard pro forma was used to collect the data. Collected data were analyzed by percentages and ratios. Results: A total of 40 blood banks were covered in the study. All the blood banks were licensed for handling whole blood. 23 blood banks were licensed for handling blood components. 6 blood banks process 100% of blood into components. The majority of blood banks have excellent demand for components. Packed red cells, platelet concentrate, and fresh frozen plasma were the significant components among the prepared components. The majority of the blood banks under the survey had a hospital transfusion committee (HTC). 25 blood banks replied that the HvPI is an excellent/good system. However, only 11 blood banks were enrolled in the HvPI. Training programs for the resident doctors and nurses regarding adverse transfusion reactions and their reporting were not conducted by 17 blood banks. Conclusion: Except for very few blood banks, all need more awareness and training programs. Attention should be given to areas such as underreporting, poor implementation of hemovigilance, reporting of only serious reactions, and avoiding minor reactions. The core factor is the proper functioning of the HTC and awareness programs about the hemovigilance system.


2021 ◽  
Vol 11 (6) ◽  
pp. 7944-7949
Author(s):  
A. Darem

Phishing attacks are increasingly exploited by cybercriminals; they are becoming more sophisticated and evade detection even by advanced technical countermeasures. With cybercriminals resorting to more sophisticated phishing techniques, strategies, and different channels such as social networks, phishing is becoming a hard problem to solve. Therefore, the main objective for any anti-phishing solution is to minimize phishing success and its consequences through means complementary to advanced technical countermeasures. Specifically, phishing threats cannot be controlled by technical controls alone, thus it is imperative to complement cybersecurity programs with cybersecurity awareness programs to successfully fight against phishing attacks. This paper provides a review of the delivery methods of cybersecurity training programs used to enhance personnel security awareness and behavior in terms of phishing threats. Although there is a wide variety of educational intervention methods against phishing, the differences between the cybersecurity awareness delivery methods are not always clear. To this end, we present a review of the most common workforce cybersecurity training methods, so that personnel are able to protect themselves from phishing threats.


10.29007/3xgx ◽  
2019 ◽  
Author(s):  
Nthabiseng Modiba ◽  
Sunday Ojo ◽  
Zenzo Ncube

The internet has become a crucial part of our everyday lives, so it is important to ensure that one is secure when surfing on it, since personal information can be exchanged. Cyber security awareness is the key to internet security. The research discussed in this paper aims to develop an ontology model for cyber security awareness for educational purposes, to enable users to take responsibility for their own safety online. It aims to fill a gap in understanding of cyber security awareness (CSA) education and to bridge the consensus gap between the Body of Knowledge (BoK) contributors. The research study was conducted using the CURONTO model (a curriculum ontology) to develop the CSA education ontology model that we propose. Many attempts are being made to allow for CSA education, but there remains the challenge of a lack of consensus or common understanding of the CSA body of knowledge. There is a need for a common model and format aimed at bringing together and putting in place measures to address cybersecurity attacks. This will assist organizations and countries in closing the gap and difference in the available CSA information globally, and will especially assist countries and organizations that are still developing cybersecurity protection measures to have the information that they need readily available (Takahashi, Kadobayashi, 2011). We used an ontology because it will also be available to the academic community to refine, extend, or apply to other domains, and because an ontology is both sharable and interoperable. In this paper we used the CURONTO model to develop our CSA ontology model for educational purposes; we expanded the one class of the model called syllabus and added more classes so that it can serve CSA education. We then did a literature study to develop a CSA syllabus, and the acquired syllabus was then represented in the model.


2012 ◽  
Vol 6 (3) ◽  
pp. 38-55 ◽  
Author(s):  
Zakarya A. Alzamil

Information security awareness is a human and organizational attitude, which can be described as the behavior or attitude of an organization and/or its members towards protecting the organization’s information assets. The goal of this paper is to understand the state of information security awareness at some Saudi Arabian organizations, i.e., government and private, by investigating the perception of their information technology employees. The author believes that understanding the state of information security awareness of IT employees can give a better understanding of the level of awareness across the entire organization. The results of this study show that most of the IT employees at the surveyed organizations have some misconceptions about information security practices. In addition, many responses indicated that many IT employees are not aware of internal information security threats. Such results require very urgent action from the top management of these organizations to consider information security awareness programs within their public relations and training programs.


2020 ◽  
Vol 10 (9) ◽  
pp. 3065
Author(s):  
Ana Kovačević ◽  
Sonja D. Radenković

Cyberattacks are becoming increasingly sophisticated and severe, and an organization’s protection depends on its weakest member. Although users are aware of the risks in cyberspace, most of them do not follow best practices, and there is a need for permanent structured training. The majority of previous training programs concentrated on technically educated users, but the organization is only as secure as the most vulnerable link in it. The paper presents SAWIT, a new Web tool, created with the goal of improving security awareness among employees. It is an innovative artificial intelligence framework aimed at improving the cyber security knowledge of employees by using collaborative learning and assessment within the specified knowledge transformation model.

