Information Security Awareness in Public Administrations

Public Management and Administration Pub Date : 2018-08-29 DOI:10.5772/INTECHOPEN.74572

M. Scholl

{"title":"Information Security Awareness in Public Administrations","authors":"M. Scholl","doi":"10.5772/INTECHOPEN.74572","DOIUrl":null,"url":null,"abstract":"Government digital agendas worldwide go hand in hand with the digital transfor- mation in businesses and public administrations as well as the digital changes taking place in society. Information security (IS) and awareness (ISA) must be an integrated part of these agendas. The goal of IS is to protect information of all types and origins. Here, the employees play a necessary and significant role in the success of IS, and the entire staff of an institution need to know about their specific roles and be aware of the information security management system (ISMS). As there are still fundamental strategic deficiencies in the institutions themselves, humans should not be called “the weakest link” in the security chain. Rather, sustainable awareness-raising and train- ing for people should be established in the institutions using interactive, authentic, and game-based learning methods. Psychological studies show the great importance of emotionalization when communicating IS knowledge and the reliable exchange of experience about IS. However, in many institutions, a change in culture is becoming necessary. IS must be integrated into all (business) processes and projects, and viable safeguards must be included. This chapter summarizes the most important scientific findings and transfers them to the practice of public administrations in Germany. Moreover, it shows examples of learning methods and provides practical assistance for IS sensitization and training.","PeriodicalId":339668,"journal":{"name":"Public Management and Administration","volume":"81 2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Public Management and Administration","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5772/INTECHOPEN.74572","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

Government digital agendas worldwide go hand in hand with the digital transfor- mation in businesses and public administrations as well as the digital changes taking place in society. Information security (IS) and awareness (ISA) must be an integrated part of these agendas. The goal of IS is to protect information of all types and origins. Here, the employees play a necessary and significant role in the success of IS, and the entire staff of an institution need to know about their specific roles and be aware of the information security management system (ISMS). As there are still fundamental strategic deficiencies in the institutions themselves, humans should not be called “the weakest link” in the security chain. Rather, sustainable awareness-raising and train- ing for people should be established in the institutions using interactive, authentic, and game-based learning methods. Psychological studies show the great importance of emotionalization when communicating IS knowledge and the reliable exchange of experience about IS. However, in many institutions, a change in culture is becoming necessary. IS must be integrated into all (business) processes and projects, and viable safeguards must be included. This chapter summarizes the most important scientific findings and transfers them to the practice of public administrations in Germany. Moreover, it shows examples of learning methods and provides practical assistance for IS sensitization and training.

查看原文本刊更多论文

公共行政部门的信息安全意识

世界各地的政府数字议程与企业和公共行政部门的数字化转型以及社会上正在发生的数字化变化密切相关。信息安全(IS)和信息意识(ISA)必须成为这些议程的组成部分。IS的目标是保护所有类型和来源的信息。在这里，员工对信息安全管理系统的成功发挥着必要和重要的作用，机构的全体员工需要了解他们的具体角色，并了解信息安全管理系统(ISMS)。由于制度本身仍存在根本性的战略缺陷，人不应被称为安全链上“最薄弱的一环”。相反，应该在机构中建立可持续的提高认识和培训，使用互动、真实和基于游戏的学习方法。心理学研究表明，在交流IS知识和可靠的IS经验交流时，情绪化是非常重要的。然而，在许多机构中，文化的改变是必要的。必须将信息系统集成到所有(业务)流程和项目中，并且必须包含可行的保障措施。本章总结了最重要的科学发现，并将其应用于德国的公共行政实践。此外，它还展示了学习方法的例子，并为信息系统的宣传和培训提供了实际帮助。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Public Management and Administration

自引率

0.00%

发文量