Enhance Organization’s Information Security Through Managing Employees Behaviour

Added on 2022-08-12

101 Pages27294 Words28 Views

Running head: MINIMIZING THE AFFECT OF HUMAN BEHAVIOUR RISKS RELATED
TO INFORMATION SECURITY
Enhance organization’s Information security through managing employees’ behaviour
Ali Alrashdi
2016132091
RES606 RESEARCH DESIGN AND PLANNING
Prof : Halim Boussabaine
The British University in Dubai

Enhance organization’s Information security through managing
employees’ behaviour1
Abstract
Into the information security practices, there are various numerous security breaches which are
caused due to human errors. One of the main contributions into this particular research study is
to make changes into holistic management of the information security for establishment of the
information security behavior countermeasure. There is lack of research is done on role as well
as impact of the multi behavior countermeasure dimensions on the information security. The
human factors are uncontrollable forces which interact with the technological elements to secure
of the information system. The human errors occur due to inadequate skills, lack of information
security awareness, intentional as well as unintentional errors to pose the risks towards the
information security.

Enhance organization’s Information security through managing
employees’ behaviour2
Table of Contents
Chapter 1: Developing the research agenda/Introduction...............................................................8
1.1 Introduction............................................................................................................................8
1.2 Research Background..........................................................................................................10
1.2.1 Human factors for information security.......................................................................11
1.3 Research problem statement................................................................................................14
1.4 Research questions...............................................................................................................15
1.5 Research aim and objectives................................................................................................15
1.6 Research scope.....................................................................................................................16
1.7 Research hypothesis.............................................................................................................17
1.8 Importance of the research...................................................................................................17
1.9 Research plan.......................................................................................................................19
1.10 Thesis structure..................................................................................................................19
1.11 Research novelty and contribution....................................................................................21
1.12 Summary............................................................................................................................23
Chapter 2: Development of theoretical background/ Literature review on human behaviour risks
related to information security.......................................................................................................24
2.1 Introduction..........................................................................................................................24
2.2 What is Information Security...............................................................................................24

Enhance organization’s Information security through managing
employees’ behaviour3
2.3 Information security behavior..............................................................................................25
2.4 Information Security Principles...........................................................................................27
2.5 Relevant Theories and Methods..........................................................................................28
2.6 Threats to Information Security: Human Behavior a constant risk.....................................35
2.6.1 Threats with information security.................................................................................35
2.6.2 Human Behavior as aspect of information security......................................................37
2.7 Information Security Standards and Guidelines..................................................................39
2.7.1 COBIT..........................................................................................................................39
2.8 Human factors have implications to end user’s behavior....................................................41
2.9 Human behaviour risks related to information security......................................................44
2.10 Organization Information Security Culture.......................................................................45
2.10.1 Organizational culture................................................................................................45
2.10.2 Information security culture.......................................................................................46
2.10.3 Cultural Change..........................................................................................................47
2.10.4 Cultural Impact on Human Behavior..........................................................................47
2.11 Information Security Policy...............................................................................................49
2.11.1 What is an Information Security Policy......................................................................49
2.11.2 User behavior with information security policy.........................................................50
2.11.3 Compliance with information security policy............................................................51
2.12 Human Computer Interaction (HCI) and Behaviors Change............................................52

Enhance organization’s Information security through managing
employees’ behaviour4
2.13 Insider Threats Behavior....................................................................................................54
2.14 Modeling human behavior to anticipate of insider attacks................................................56
2.15 Intrinsic and Extrinsic Motivators in Information Security Behavior...............................57
2.16 Insider Misuse and Incident Responses.............................................................................61
Chapter 3: Research Conceptual Framework................................................................................64
3.1 Introduction..........................................................................................................................64
3.2 Conceptual framework of the research study......................................................................64
3.3 Internal threat into Small and medium size enterprise........................................................66
3.4 Human’s behavior and information security system...........................................................68
3.5 Information security countermeasures.................................................................................69
1.6 Human security culture...................................................................................................71
3.7 Human behavior theory.......................................................................................................74
3.8 Summary..............................................................................................................................76
Chapter 4: Research Methodology................................................................................................77
4.1 Introduction..........................................................................................................................77
4.2 Research philosophy............................................................................................................77
4.3 Research approach...............................................................................................................79
4.4 Research design...................................................................................................................80
4.5 Data collection process........................................................................................................81
4.5.1 Data sources..................................................................................................................81

Enhance organization’s Information security through managing
employees’ behaviour5
4.5.2 Data analysis.................................................................................................................83
4.6 Sample and Sampling method.............................................................................................84
4.7 Validation and verification..................................................................................................85
4.8 Ethical considerations..........................................................................................................86
4.9 Limitations of the research study.........................................................................................87
4.10 Time horizons....................................................................................................................88
4.11 Summary............................................................................................................................89
References......................................................................................................................................91

Enhance organization’s Information security through managing
employees’ behaviour6
Table of Figures
Figure 1.1: Research plan process.................................................................................................19
Figure 2.1: Theory of reasoned action...........................................................................................30
Figure 2.2: Theory of planned behavior........................................................................................32
Figure 2.3: Protection motivation theory.......................................................................................33
Figure 2.4: General Deterrence Theory.........................................................................................34
Figure 2.5: Technology acceptance theory....................................................................................35
Figure 3.1: Conceptual framework of research study....................................................................65
Figure 3.2: Relations among threat countermeasures and human behavior..................................67

Enhance organization’s Information security through managing
employees’ behaviour7
Table of Tables
Table 2.1: Intrinsic and Extrinsic Motivators in Information Security Behavior..........................60
Table 3.1: Human security culture.................................................................................................74

End of preview

Want to access all the pages? Upload your documents or become a member.

(PDF) Human Behaviour as an aspect of Cyber Security

|91

|25023

|43

Software Development Lifecycles PDF

|107

|33743

|261

Asia Pacific Management Review

|79

|17932

|28

Economic and Commercial Traits of Singapore

|117

|23328

|25

Academy of Management Review Discussion 2022

|55

|22565

|26

The Role of Leadership in Stimulating Innovation in UK Retail Banking Sector

|12

|3768

|194

Enhance Organization’s Information Security Through Managing Employees Behaviour

End of preview

(PDF) Human Behaviour as an aspect of Cyber Securitylg...

Software Development Lifecycles PDFlg...

Asia Pacific Management Reviewlg...

Economic and Commercial Traits of Singaporelg...

Academy of Management Review Discussion 2022lg...