{"title":"一项评估零售商店资讯安全文化制定的人种志研究","authors":"A. Greig, K. Renaud, Stephen Flowerday","doi":"10.1109/WorldCIS.2015.7359415","DOIUrl":null,"url":null,"abstract":"The behaviour of the employee has the potential to either strengthen or weaken security, and it is therefore vital to foster a culture of security within organizations. The hope is that such a culture will ensure that behaviour becomes more secure over time, essentially reducing security incidents. Organizations attempt to nurture such a culture, mostly by means of educating their employees and having a comprehensive set of regularly-updated security policies. They are required to carry out regular security audits. These are usually in the form of checkbox-type assessments, ascertaining that the organization has all the correct mechanisms in place to maximize security of information. We carried out an ethnographic investigation into the security culture of a single retail store that is part of a large nationwide organization in the United Kingdom. The study surprisingly revealed poor security culture, despite the organization as a whole seemingly following good practice with respect to education and policy.","PeriodicalId":234497,"journal":{"name":"2015 World Congress on Internet Security (WorldCIS)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"An ethnographic study to assess the enactment of information security culture in a retail store\",\"authors\":\"A. Greig, K. Renaud, Stephen Flowerday\",\"doi\":\"10.1109/WorldCIS.2015.7359415\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The behaviour of the employee has the potential to either strengthen or weaken security, and it is therefore vital to foster a culture of security within organizations. The hope is that such a culture will ensure that behaviour becomes more secure over time, essentially reducing security incidents. Organizations attempt to nurture such a culture, mostly by means of educating their employees and having a comprehensive set of regularly-updated security policies. They are required to carry out regular security audits. These are usually in the form of checkbox-type assessments, ascertaining that the organization has all the correct mechanisms in place to maximize security of information. We carried out an ethnographic investigation into the security culture of a single retail store that is part of a large nationwide organization in the United Kingdom. The study surprisingly revealed poor security culture, despite the organization as a whole seemingly following good practice with respect to education and policy.\",\"PeriodicalId\":234497,\"journal\":{\"name\":\"2015 World Congress on Internet Security (WorldCIS)\",\"volume\":\"41 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-12-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 World Congress on Internet Security (WorldCIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WorldCIS.2015.7359415\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 World Congress on Internet Security (WorldCIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WorldCIS.2015.7359415","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An ethnographic study to assess the enactment of information security culture in a retail store
The behaviour of the employee has the potential to either strengthen or weaken security, and it is therefore vital to foster a culture of security within organizations. The hope is that such a culture will ensure that behaviour becomes more secure over time, essentially reducing security incidents. Organizations attempt to nurture such a culture, mostly by means of educating their employees and having a comprehensive set of regularly-updated security policies. They are required to carry out regular security audits. These are usually in the form of checkbox-type assessments, ascertaining that the organization has all the correct mechanisms in place to maximize security of information. We carried out an ethnographic investigation into the security culture of a single retail store that is part of a large nationwide organization in the United Kingdom. The study surprisingly revealed poor security culture, despite the organization as a whole seemingly following good practice with respect to education and policy.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
