Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/50524

An Exploratory Study of Current Information Security Training and Awareness Practices in Organizations

File Size Format  
paper0637.pdf 538.86 kB Adobe PDF View/Open

Item Summary

Title:An Exploratory Study of Current Information Security Training and Awareness Practices in Organizations
Authors:Alshaikh, Moneer
Maynard, Sean B
Ahmad, Atif
Chang, Shanton
Keywords:Practice-based IS Research
information security training and awareness, information security management, security training and awareness activities
Date Issued:03 Jan 2018
Abstract:Effective information security training and awareness (ISTA) is essential to protect organizational information resources. Our review of industry best-practice guidelines on ISTA exposed two key deficiencies. First, they are presented at a conceptual-level without any empirical evidence of their validity. Second, the guidelines are generic (one size fits all) without consideration of the diversity in organizational contexts where they will be applied. Given these deficiencies in ISTA guidance, this paper reports on the findings of an exploratory study into how ISTA is implemented in different organizational contexts in six organizations. The paper identifies three challenges: the lack of motivational aspects in current ISTA program, the competition for employees’ attention and the difficulty in measuring the effectiveness of ISTA program. Several recommendations and suggestions were outlined to overcome these challenges.
Pages/Duration:10 pages
URI:http://hdl.handle.net/10125/50524
ISBN:978-0-9981331-1-9
DOI:10.24251/HICSS.2018.635
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
https://creativecommons.org/licenses/by-nc-nd/4.0/
Appears in Collections: Practice-based IS Research


Please email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons