Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A holistic model to create organizational information security awareness programs – iSAP
KTH, School of Information and Communication Technology (ICT).
2011 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

There is a large number of information security awareness programs (iSAP) found in the literature with multiple approaches. Considering that the number of security breaches performed by insiders is as high as 48%, the effectiveness of such programs is questionable. This leaves a considerable space for external, but also internal criminals, to perform and succeed in their attacks, something that can cause heavy losses (both economical and less tangible as reputation) to organizations. This thesis decided to study some of those iSAP to see their strengths and weaknesses.

After studying the approaches in focus for this thesis, and following an inductive research method, a new model to develop iSAP from a holistic point of view was presented. The solution has been aligned with subject matter experts (SME) at “Company X” and with end-users external to that company. The model is now ready to be studied empirically in organizations to evaluate its effectiveness.

Place, publisher, year, edition, pages
2011. , 126 p.
Series
Trita-ICT-EX, 173
Keyword [en]
Information security, security awareness program, security awareness, education, training, security measures/controls, end users/employees/ people (human factor), organizational culture, behaviour and motivation, bad guys
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:kth:diva-48050OAI: oai:DiVA.org:kth-48050DiVA: diva2:456704
Subject / course
Computer and Systems Sciences
Educational program
Master of Science - Information and Communication Systems Security
Uppsok
Technology
Examiners
Available from: 2011-11-15 Created: 2011-11-15 Last updated: 2011-11-15Bibliographically approved

Open Access in DiVA

fulltext(1625 kB)716 downloads
File information
File name FULLTEXT01.pdfFile size 1625 kBChecksum SHA-512
9a5ac705fbfaa0268b4682ced336f56cfd93c61422ad2f0e4ec94814f427fdb5a2b1b5e711605fde5f9cf699a432ee708f18e6c24149fbfc4c65e29e38b61365
Type fulltextMimetype application/pdf

By organisation
School of Information and Communication Technology (ICT)
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 716 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 333 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf