This document is a literature review on information security culture, focusing on the environment of the Internet of Things, the significance of human behavior in managing risks, and the rise of security awareness programs. It identifies gaps in the present literature and suggests a shift towards a socio-cultural approach to information security.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head:INFORMATION SECURITY CULTURE Information security culture Name of the student: Name of the university: Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1INFORMATION SECURITY CULTURE Literature review with gap identification on information security culture: Thecultureofinformationsecurityprovidesguidanceregardingvariousaspectsare performed in any business. This is in terms of information security. This aims to sure the data resources and influencing the security behaviour of the employees. In the following study, a literature review is done with identification of gaps. This includes the environment of the Internet of Things. Next, the significance of human behaviour to manage the risks of information security under the IoT environment is analyzed here. Further, there is the rise of efficiency of programs of security awareness for business and individuals. 1. Understanding the user behaviour framework under the environment of the Internet of Things: AlHogail(2015)states that suitable use and social behaviour as we create the Internet of Things of IoT. This has been rousingly interconnected under the environment of cyber-biological and physical scenario. This links people, data, systems and devices. The IoT, at his best, has the efficiency of generating the integrated ecosystem. This can react to the spectrum of necessities. This has been rising the scopes and efficiencies. Further, people are empowered with the help of technology. This also includes the overall technology with intelligence. At the worst case, the IoT is able to open the box of Pandora with unsafe and inappropriate behaviour, intrusiveness and unintended consequences. Information security: The IoT or Internet of Things devices has been quickly turning ubiquitous. This has been as the IoT services have been turning to pervasive. The cyber-attacks have been new to IoT and has
2INFORMATION SECURITY CULTURE been deeply interwoven for the users. Hence, it has turned into an essential step and consider cyber defence in a serious manner as highlighted byFlores and Ekstedt (2016). Risk management: Risk management is a set of practice and process utilized for determining the limits and potential risks for adverse outcomes. IT risk management is applicable to the practices of risk management. It manages the risk of business that has involved every facet regarding ho the business can utilize the technology.Da Veiga and Martins (2015)there is a notable rise in IoT that has drastically raised the quantity of risk management. This has also involved the challenges of security with the face of business. Next, the cybercriminals have launched potentially harmful risks. Further, Parsons et al. (2015)also shows that the number of devices that require security has also been rising as the IoT has been expanding. Security behaviour: There are various issues that secure IoT devices. This assures end-to-end security under the environment of IoT.Safa Von Solms and Furnell (2016) identifies thatsince the concept of the appliances of networking and additional objectives has been considered innovative. The security is no seen as the topmost priority. Here, the other elements have been relatively new. Here, the security has not always been seen as the topmost priority as the phase of the product design. Moreover, IoT is currently a nascent market. Hence, various manufacturers and designers have been interested in getting products for market quality. This is instead of considering the essential steps to create security from the beginning.
3INFORMATION SECURITY CULTURE 2. Significance of human behaviour in managing risks of information security under the IoT environment: The data of consumer IoT can be used in different manners. This is helpful to provide the signals of proximity for making the payments smaller and then authenticate the manufactured goods. It has been helpful to provide the place based metric with media optimization. Further, it has been helpful to deliver optimization and event-based metrics. Further,Safa et al. (2015) mentions thatit has been providing the signal for various measurements of closed loops of the consumer path in purchasing. The human behaviour can continue to heighten the experience of consumers and ten personalize the messaging and contents and various experiences. This is to access as the data of IoT data expands. Having the objects that are connected with consumers, the human begins can gain the data in the dimension of self-data and quantitative contexts that have not been available previously as explained byAlKalbani, Deng and Kam (2015). 3.Riseofefficiencyofthesecurityawarenessprogramforbusinessand individuals: Martins and da Veiga (2015) explains thatthis can be done through complying with the federal and local regulations and laws. Then all the elements must be getting on board with the overall organization. Further, a necessary baseline of the analysis must be established. Further, a system that has clear communication regarding the program must be created. Then, one must make the training to be intriguing with a minimum of bit entertaining. Further, there should be repeating, reviewing and enforcing. Lastly, a culture of motivation and reinforcement must be developed or constant learning and vigilance.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4INFORMATION SECURITY CULTURE 4. Gaps in the present literature: The above literature never talks about the breach of privacy, over the dependability of the technology and loss of jobs. As anything has been put over the Online, it is always present there. Further, study overlooks the security measures for protecting data and the possibility of the hackers who have been breaking the system and then stealing the data. As there is only one business, that can give rise to a monopoly. Further, the literature has skipped other argument against the IoT on the over-reliance of technology. Since the time progresses, the present generation has risen up with ready availability of the technology and the Internet. Apart from this, there is a dependency on the technology on a regular basis that is overlooked in the analysis. This is done to undertake decisions through the data that has been given rise to the lead of devastation. The management of information security has been disregarding the human dimension. Here, the primary focus has been on procedural and technical measures. Here, the user has been witnessed as the enemy of security and never the resource of the security. In the above study, various concerns are addressed that has been merging form the sight. This one can suggest the shift in paradigm form various technical approaches towards the socio-cultural one. It is from the user is my enemy and the user if the security resource approach. The study helps in understanding the idea of corporate culture and display the exemplary of the instances of security culture.
5INFORMATION SECURITY CULTURE References: [1] A. AlHogail,Design and validation of information security culture framework.Computers in Human Behavior, 2015,49, pp.567-575. [2] W.R. Flores and M. Ekstedt, M., Shaping intention to resist social engineering through transformational leadership, information security culture and awareness.computers & security, 2016,59, pp.26-44. [3] A. Da Veiga and N. Martins, N, Improving the information security culture through monitoring and implementation actions illustrated through a case study.Computers & Security,2015,49, pp.162-176. [4] K.M. Parsons, E. Young, M.A. Butavicius, A. McCormac, M.R. Pattinson, and C. Jerram,The influence of organizational information security culture on information security decision making. Journal of Cognitive Engineering and Decision Making, 2015,9(2), pp.117-129. [5] N.S. Safa, R. Von Solms, and S. Furnell, Information security policy compliance model in organizations.Computers & Security, 2016,56, pp.70-82. [6] N.S. Safa, M. Sookhak, R. Von Solms, S. Furnell, N.A. Ghani and T. Herawan, T, Information security conscious care behaviour formation in organizations.Computers & Security, 2015,53, pp.65-78. [7] A. AlKalbani, H. Deng and B. Kam,Organisational Security Culture and Information Security Compliance for E-Government Development: The Moderating Effect of Social Pressure. InPACIS, 215, July (p. 65).
6INFORMATION SECURITY CULTURE [8] N. Martins and A. da Veiga, A., An Information Security Culture Model Validated with Structural Equation Modelling. InHAISA, 2015(pp. 11-21).