Human aspects of information security and assurance : 15th IFIP WG 11.12 international symposium, HAISA 2021, virtual event, July 7-9, 2021 : proceedings / / Steven Furnell and Nathan Clarke (editors)
(Visualizza in formato marc)
(Visualizza in BIBFRAME)
| Titolo: |
Human aspects of information security and assurance : 15th IFIP WG 11.12 international symposium, HAISA 2021, virtual event, July 7-9, 2021 : proceedings / / Steven Furnell and Nathan Clarke (editors)
|
| Pubblicazione: | Cham, Switzerland : , : Springer, , [2021] |
| ©2021 | |
| Descrizione fisica: | 1 online resource (229 pages) |
| Disciplina: | 005.8 |
| Soggetto topico: | Computer security |
| Application software | |
| Computer networks - Security measures | |
| Persona (resp. second.): | ClarkeNathan |
| FurnellSteven <1970-> | |
| Nota di bibliografia: | Includes bibliographical references and index. |
| Nota di contenuto: | Intro -- Preface -- Organization -- Contents -- Attitudes and Perspectives -- Cyber Security in Healthcare Organisations -- 1 Introduction -- 1.1 Research Aim -- 2 Literature Review -- 3 Research Method -- 3.1 Description of Goal Attainment Scaling (GAS) -- 3.2 Phase 1: Development of the GAS Evaluation Instrument -- 3.3 Phase 2: Use the GAS Evaluation Instrument -- 3.4 Phase 3: Analyse the Evaluation Results and Report to Management -- 4 Results -- 5 Limitations and Future Research -- 6 Conclusions -- References -- Cybersecurity and Digital Exclusion of Seniors: What Do They Fear? -- 1 Introduction -- 2 Research Approach -- 3 Results and Analysis -- 3.1 Fear of Doing Wrong -- 3.2 Fear of New Technology -- 3.3 Fear of Being Conned -- 3.4 Shame -- 4 Discussion and Conclusion -- References -- Exploring Experiences of Using SETA in Nordic Municipalities -- 1 Introduction -- 2 Research Approach -- 3 Results and Analysis -- 4 Discussion and Conclusion -- References -- Cyber Security Education -- SherLOCKED: A Detective-Themed Serious Game for Cyber Security Education -- 1 Introduction -- 2 Literature Review -- 3 SherLOCKED: A Detective-Themed Serious Game for Security Education -- 3.1 Game Context -- 3.2 The Game -- 4 User Study and Discussion -- 4.1 Study Design -- 4.2 Results and Discussion -- 5 Conclusion and Future Work -- References -- A Reference Point for Designing a Cybersecurity Curriculum for Universities -- 1 Introduction -- 2 Research Aims -- 3 Background -- 4 Research Methodology -- 4.1 Research Method -- 4.2 Academic Publications Defining Cybersecurity Curricula -- 4.3 Results -- 4.4 Cybersecurity Curricula of Universities -- 4.5 Best Practice and Industry Frameworks for Cybersecurity Curricula -- 5 Reference Point for a Cybersecurity Curriculum -- 6 Conclusion -- References. |
| A Conceptual Information Security Culture Framework for Higher Learning Institutions -- 1 Introduction -- 2 Research Aim and Question -- 3 Background -- 3.1 Understanding Information Security Culture -- 3.2 Organisational Culture and Information Security Culture -- 4 Cultivating Information Security Culture in Universities -- 5 Scoping Literature Review -- 5.1 Results of Scoping Literature Review -- 5.2 Factors for Cultivating Information Security Culture -- 5.3 Literature Gaps Identified -- 6 A Conceptual Information Security Culture Framework -- 6.1 The STOPE View -- 6.2 The Relationship of STOPE Components -- 6.3 Schein's Concept of Organisational Culture -- 7 The InfoSeCulF -- 8 Limitations and Future Research -- 9 Conclusion -- References -- What Can We Learn from the Analysis of Information Security Policies? The Case of UK's Schools -- 1 Introduction -- 2 Background -- 3 Data Collection and Analysis -- 3.1 Content of ISPs -- 3.2 Accessibility -- 3.3 Updating of ISPs -- 4 Discussion and Conclusions -- References -- A Wolf, Hyena, and Fox Game to Raise Cybersecurity Awareness Among Pre-school Children -- 1 Introduction -- 2 Cybersecurity -- 3 Cybersecurity Awareness for Pre-school Children -- 3.1 Example Resources from Literature -- 3.2 Play as a Mode of Awareness and Knowledge Acquisition -- 4 Serious Games for Pre-school Children -- 5 Serious Game Implementation -- 6 Reflection -- 7 Conclusion and Future Work -- References -- Evaluation Strategies for Cybersecurity Training Methods: A Literature Review -- 1 Introduction -- 2 Methodology -- 3 Results -- 3.1 Initial Categorization of Included Papers -- 3.2 Identification of Evaluation Methods -- 3.3 Analysis of Evaluation Methods -- 3.4 Discussion on the Results -- 4 Conclusions -- References -- People and Technology. | |
| When Googling It Doesn't Work: The Challenge of Finding Security Advice for Smart Home Devices -- 1 Introduction -- 2 Literature Review -- 3 Methodology -- 4 Results -- 4.1 Sources of Information -- 4.2 Reported Threats -- 4.3 Types of Advice Needed and Provided -- 5 Discussion -- 6 Limitations and Future Work -- 7 Conclusions -- References -- Making Access Control Easy in IoT -- 1 Introduction -- 2 The MUD Standard -- 3 Related Work -- 4 Method -- 5 Results -- 6 Conclusions -- References -- The Development of a Multidisciplinary Cybersecurity Workforce: An Investigation -- 1 Introduction -- 2 Related Work -- 3 Cybersecurity Roles, Subject Disciplines, and Knowledge Areas Mapping -- 4 Investigations -- 4.1 Results -- 5 Conclusions and Future Directions -- References -- Friend or Foe: An Investigation into Recipient Identification of SMS-Based Phishing -- 1 Introduction -- 2 Literature Review -- 2.1 Phishing Techniques and Tactics -- 2.2 External Factors -- 2.3 Summary -- 3 Methodology -- 3.1 Data Collection -- 4 Survey Findings -- 4.1 Phishing Messages -- 4.2 Genuine Messages -- 4.3 Analysis of External Factors -- 5 Conclusion -- Appendix -- References -- Towards a Risk Assessment Matrix for Information Security Workarounds -- 1 Introduction -- 2 Information Security Risk Assessment -- 3 Workarounds Defined -- 4 Factors that Influence Workarounds -- 4.1 The Employee Decision-Making Process -- 4.2 Environmental Factors -- 5 Alter's Theory of Workarounds -- 6 Workaround Classification and Risk Assessment -- 7 Conclusion -- References -- A Theoretical Underpinning for Examining Insider Attacks Leveraging the Fraud Pentagon -- 1 Introduction -- 2 Related Work -- 3 A Theoretical Underpinning for Insider Attacks -- 4 Implications for Practice -- 5 Conclusion -- References -- A Literature Review on Virtual Reality Authentication -- 1 Introduction. | |
| 2 Methods -- 3 Findings -- 3.1 Types of Authentication -- 3.2 Security Evaluation of Proposed Authentication Protocols -- 3.3 User Studies -- 4 Discussions and Implications -- 5 Conclusion -- References -- Performance and Usability of Visual and Verbal Verification of Word-Based Key Fingerprints -- 1 Introduction -- 2 Background and Related Work -- 3 Method -- 3.1 Design -- 3.2 Participants -- 3.3 Materials and Task -- 3.4 Procedure -- 4 Results -- 4.1 Performance: Task Completion Time and Errors -- 4.2 Perceived Usability and Related Concepts -- 4.3 Effect of Preferred Information Style: Verbal Versus Visual -- 5 Discussion and Conclusions -- References -- The One-Eyed Leading the Blind: Understanding Differences Between IT Professionals and Non-IT Staff When Creating and Managing Passwords -- 1 Introduction -- 2 Prior Research -- 2.1 User Generated Passwords -- 2.2 Defining and Categorizing Password Practices -- 2.3 Unsafe Passwords Creation and Management Practices -- 3 Research Problem and Objectives -- 4 Research Methods -- 5 Research Results -- 5.1 Descriptive Analysis -- 5.2 Inferential Analysis -- 6 Managerial Implications and Recommendations -- 7 Limitations and Future Research -- References -- Author Index. | |
| Titolo autorizzato: | Human Aspects of Information Security and Assurance |
| ISBN: | 3-030-81111-5 |
| Formato: | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione: | Inglese |
| Record Nr.: | 9910491023603321 |
| Lo trovi qui: | Univ. Federico II |
| Opac: | Controlla la disponibilità qui |
Serie:
IFIP Advances in Information and Communication Technology