Reinforcement and Consolidation of the Weakest Ring in Information Security within Establishments
COPYRIGHT
Submission of a manuscript implies that the work described has not been published before; that it is not under consideration for publication elsewhere; and that, if and when the manuscript is accepted for publication, the authors agree to automatic transfer of the copyright to the publisher.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
- The journal allows the author(s) to retain publishing rights without restrictions.
- The journal allows the author(s) to hold the copyright without restrictions.