Human aspects of information security and assurance : 16th IFIP WG 11.12 international symposium, HAISA 2022, Mytilene, Lesbos, Greece, July 6-8, 2022 : proceedings / / edited by Nathan Clarke and Steven Furnell
(Visualizza in formato marc)
(Visualizza in BIBFRAME)
| Titolo: |
Human aspects of information security and assurance : 16th IFIP WG 11.12 international symposium, HAISA 2022, Mytilene, Lesbos, Greece, July 6-8, 2022 : proceedings / / edited by Nathan Clarke and Steven Furnell
|
| Pubblicazione: | Cham, Switzerland : , : Springer, , [2022] |
| ©2022 | |
| Descrizione fisica: | 1 online resource (334 pages) |
| Disciplina: | 004.6 |
| Soggetto topico: | Computer networks - Security measures |
| Computer security | |
| Persona (resp. second.): | FurnellSteven <1970-> |
| ClarkeNathan | |
| Nota di bibliografia: | Includes bibliographical references and index. |
| Nota di contenuto: | Intro -- Preface -- Organization -- Contents -- Cyber Security Education and Training -- Visual Programming in Cyber Range Training to Improve Skill Development -- 1 Introduction -- 2 Background -- 3 Related Work -- 4 Integrating a VPL into Cyber Range Training -- 4.1 Cyber Range Concept -- 4.2 SIEM Rule Creation with Blockly -- 5 Evaluation -- 5.1 Method and Procedure -- 5.2 Results and Discussion -- 6 Conclusion -- References -- Survey of Users' Willingness to Adopt and Pay for Cybersecurity Training -- 1 Introduction -- 2 Methodology -- 3 Results -- 4 Discussion -- 4.1 Answering the Research Questions -- 4.2 Contributions -- 4.3 Limitations and Future Work -- References -- A Thematic Content Analysis of the Cybersecurity Skills Demand in South Africa -- 1 Introduction -- 2 Related Literature -- 3 Thematic Content Analysis Using ATLAS.ti -- 3.1 First Phase: Pre-analysis -- 3.2 Second Phase: Material Exploration -- 3.3 Third Phase: Interpretation -- 4 General Results and Findings -- 4.1 Identified Industries -- 4.2 Job Locations -- 4.3 Job Levels -- 4.4 Qualifications and Certifications -- 5 Job Roles Results and Findings -- 5.1 Identified Job Roles, Knowledge, Skills and Abilities -- 5.2 Mapping of Identified Skills and Abilities to Job Categories -- 6 Discussion and Implications -- 7 Conclusion -- References -- Applying PDCA to Security, Education, Training and Awareness Programs -- 1 Introduction -- 2 Plan the SETA Program -- 2.1 The Source -- 2.2 The Type of Message -- 2.3 The Media -- 2.4 The Target -- 3 Do the SETA Program -- 4 Check the SETA Program -- 5 Adjust the SETA Program -- 6 Discussion and Perspectives -- 7 Conclusion -- References -- Exploring CyBOK with Topic Modeling Techniques -- 1 Introduction -- 2 Related Work -- 2.1 Topic Modeling -- 2.2 Cyber Security Frameworks -- 2.3 Text Mining in Cyber Security. |
| 3 Materials and Methods -- 3.1 BERTopic -- 3.2 Corpus Generation -- 3.3 Topic Modeling with BERTopic -- 4 Results -- 4.1 Topic Model Analysis -- 4.2 Topic Model vs CyBOK Chapters -- 5 Discussion -- 5.1 Topic Model Analysis -- 5.2 Topic Model vs CyBOK Chapters -- 5.3 Possible Expansions -- 5.4 Limitations -- 6 Conclusion -- 6.1 Future Work -- References -- COLTRANE - Towards a Methodology and Platform Supported Educational Basis for Cybersecurity Education -- 1 Introduction -- 2 COLTRANE Methodology -- 3 A Pilot Study -- 4 Outlook and Conclusion -- References -- An Investigation into Educational Process Models for Teaching Secure Programming -- 1 Introduction -- 2 Research Methodology -- 3 Secure Programming Education and Training -- 4 Educational Process Models -- 5 Thematic Content Analysis of Educational Process Models -- 5.1 Inputs -- 5.2 Integration (Combination) -- 5.3 Output -- 5.4 Reflection -- 6 Educational Process Model Elements for Teaching Secure Programming -- 6.1 Inputs for Teaching Secure Programming -- 6.2 Integration for Teaching Secure Programming -- 6.3 Outputs for Teaching Secure Programming -- 6.4 Reflection -- 7 Conclusion -- References -- Cybersecurity Knowledge Requirements for a Water Sector Employee -- 1 Introduction -- 2 Research Methodology -- 3 Planning the Review -- 3.1 Identifying the Need for a Review -- 3.2 Development of a Review Protocol -- 4 Conducting the Review -- 4.1 Searching the Literature -- 4.2 Screening for Inclusion and Exclusion -- 4.3 Data Extraction -- 4.4 Screening for Eligibility -- 4.5 Quality Assessment -- 5 Data Analysis and Synthesis -- 5.1 Familiarisation with the Data -- 5.2 Generating Initial Codes -- 5.3 Searching for Themes -- 5.4 Reviewing the Themes -- 5.5 Reporting on Findings -- 5.6 Framework for Defining the Cybersecurity Knowledge -- 6 Conclusion -- 6.1 Limitations and Future Research. | |
| References -- CAP: Patching the Human Vulnerability -- 1 Introduction -- 2 Literature Review -- 2.1 Existing Cyber Security Awareness and Training -- 2.2 Related Studies -- 2.3 Assessing and Measuring Skills -- 3 CAP Design -- 4 CAP Implementation and Analysis -- 4.1 CAP - User Viewpoint and Admin Configuration -- 4.2 Testing, Results, and Analysis -- 5 Conclusion -- References -- A Novel Framework for the Development of Age Appropriate Information Security Serious Games -- 1 Introduction -- 2 Background -- 2.1 Erikson's Stages of Psychosocial Development -- 2.2 Bandura's Social Cognitive Theory -- 2.3 Information Security Serious Games -- 3 Method -- 4 Framework Evaluation -- 4.1 3rdStage: 3-6 Years Old -- 4.2 4thStage: 6 Years Old to Adolescence, and 5thStage: Adolescence -- 5 Conclusion and Future Work -- References -- Cyber Security Culture -- Security Culture in Industrial Control Systems Organisations: A Literature Review -- 1 Introduction -- 2 Background on Security Culture -- 3 Methodology -- 4 Results -- 5 Discussion -- 6 Conclusion -- References -- Systematic Review of Factors that Influence the Cybersecurity Culture -- 1 Introduction -- 2 Research Aims -- 3 Background -- 4 Information Security and Cybersecurity -- 5 Research Method -- 5.1 Data Sources and Selection Criteria -- 5.2 Results -- 5.3 Cybersecurity Culture Factors -- 6 Discussion and Contribution -- 7 Limitations and Future Work -- 8 Conclusion -- Appendix -- References -- Cyber4Dev Security Culture Model for African Countries -- 1 Introduction -- 2 Research Problem and Research Questions -- 3 Background -- 3.1 Defining Information Security Culture and Cyber4Dev Security Culture -- 3.2 Cyber Security Challenges in Africa -- 3.3 Cyber Awareness in Africa -- 3.4 Why Promote a Cyber4Dev Security Culture? -- 4 Research Method -- 4.1 Information Sources -- 4.2 Eligibility Criteria. | |
| 4.3 Data Collection -- 5 Results -- 5.1 Synthesis of the Results -- 5.2 The African Perspective -- 6 Cyber4Dev Security Culture Model -- 7 Conclusion and Future Work -- References -- A Model for Information Security Culture with Innovation and Creativity as Enablers -- 1 Introduction -- 2 Background -- 2.1 Information Security Culture -- 2.2 Creativity and Innovation in an Organisation -- 2.3 Applying Creativity and Innovation in Information Security Culture -- 3 Research Methodology -- 4 Results -- 4.1 Creativity and Innovation in the Information Security Culture Context -- 4.2 Creativity and Innovation in an Organisational Culture Context -- 4.3 Conceptual Model -- 5 Conclusion and Future Work -- References -- Understanding Phishing in Mobile Instant Messaging: A Study into User Behaviour Toward Shared Links -- 1 Introduction -- 2 Literature Review -- 3 Methodology -- 4 Results -- 5 Discussion and Limitations -- 6 Conclusions -- References -- Privacy -- How Privacy Concerns Impact Swedish Citizens' Willingness to Report Crimes -- 1 Introduction -- 2 Methodology -- 3 Results -- 3.1 Analysis of the Results -- 3.2 Discussion of the Results -- 4 Conclusions -- References -- ``Your Cookie Disclaimer is Not in Line with the Ideas of the GDPR. Why?'' -- 1 Introduction -- 2 Related Work -- 3 Background -- 4 Methodology -- 4.1 Design Decisions for Communication -- 4.2 Procedure -- 5 Results -- 6 Discussion -- 7 Conclusion -- References -- A Survey of Australian Attitudes Towards Privacy: Some Preliminary Results -- 1 Introduction -- 2 Related Work -- 3 Method -- 4 Results and Discussion -- 4.1 Trust -- 4.2 Behaviour -- 4.3 Control -- 4.4 Awareness and Knowledge -- 5 The COVID-19 Effect -- 6 Conclusion -- References -- Designing and Evaluating a Prototype for Data-Related Privacy Controls in a Smart Home -- 1 Introduction -- 2 Background. | |
| 2.1 Privacy Control Design Factors and Sub-factors -- 2.2 Translating Privacy Control Design Factors into Design -- 3 Method -- 3.1 Stimulus (Prototype App) -- 3.2 Pre-study -- 3.3 Interview Study -- 3.4 Survey Study -- 4 Results -- 4.1 Task Accuracy -- 4.2 User Experience -- 4.3 Usability -- 4.4 Perceived Information Control -- 4.5 User Satisfaction -- 4.6 Behavioral Intention to Use -- 4.7 User Feedback -- 5 Discussion -- 5.1 Design Recommendations -- 5.2 Limitations and Future Work -- 6 Conclusion -- References -- Cyber Security Management -- An Exploratory Factor Analysis of Personality Factors: An Insider Threat Perspective -- 1 Introduction -- 2 Related Work -- 3 Theoretical Framing -- 4 Research Methodology -- 5 Data Analysis -- 6 Discussion of Findings -- 7 Implications for Theory and Practice -- 8 Conclusions -- Appendix A: Rotated Factor Loading -- References -- Policy Components - A Conceptual Model for Tailoring Information Security Policies -- 1 Introduction -- 2 Related Research -- 3 Research Method -- 4 Policy Component - Conceptual Model -- 5 Policy Component - Demonstration -- 5.1 Policy Component: Managing E-mails -- 5.2 Two Tailored Information Security Policies -- 6 Conclusion and Future Research -- References -- Security Fatigue: A Case Study of Data Specialists -- 1 Introduction -- 2 Literature Review -- 2.1 Security Complexity and Fatigue -- 2.2 Managing Security Fatigue -- 3 Research Design -- 3.1 Case Organisation and Participants -- 3.2 Data Collection and Analysis -- 4 Analysis and Findings -- 4.1 Awareness of Risks -- 4.2 Influence of Compliance Effort -- 4.3 Influence of Psychological Stress -- 4.4 Adequacy of Knowledge -- 5 Conclusion -- References -- Factors Influencing Cybercrime Reporting Behaviour in South African State-Owned Entities -- 1 Introduction -- 2 Conceptual Background and Hypotheses Development. | |
| 2.1 Perceptions of Law Enforcement Agencies. | |
| Titolo autorizzato: | Human Aspects of Information Security and Assurance |
| ISBN: | 3-031-12172-4 |
| Formato: | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione: | Inglese |
| Record Nr.: | 996483161203316 |
| Lo trovi qui: | Univ. di Salerno |
| Opac: | Controlla la disponibilità qui |
Serie:
IFIP Advances in Information and Communication Technology Ser.