{"title":"资讯保安意识及训练是整体的关键因素-人类防火墙如何在资讯保安中发挥互补作用?","authors":"Erfan Koza","doi":"10.54941/ahfe1002201","DOIUrl":null,"url":null,"abstract":"Human elements have been identified as a factor in over 95% of all security incidents. Current technical preventive, corrective, and defensive mechanisms address intelligent and practical approaches to increase the resilience of information technology (IT) systems. However, these approaches do not fully consider the behavioral, cognitive, and heterogeneous motivations that lead to human failure in the security causal chain. In this paper, we present the Awareness Continuum Management Model (ACM2), which is a role-based and topic-based theoretical approach for an information security awareness and training program that uses Boyd’s observe–orient–decide–act (OODA) loop as a framework. The proposed ACM2 is based on the situational engineering method and regards the human firewall as an integral, indispensable, and complementary part of the holistic approach to increase IT systems’ resilience. The proposed approach can be applied to different types of organizations and critical infrastructure and can be integrated into existing training programs.","PeriodicalId":373044,"journal":{"name":"Human Factors in Cybersecurity","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Information Security Awareness and Training as a Holistic Key Factor – How Can a Human Firewall Take on a Complementary Role in Information Security?\",\"authors\":\"Erfan Koza\",\"doi\":\"10.54941/ahfe1002201\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Human elements have been identified as a factor in over 95% of all security incidents. Current technical preventive, corrective, and defensive mechanisms address intelligent and practical approaches to increase the resilience of information technology (IT) systems. However, these approaches do not fully consider the behavioral, cognitive, and heterogeneous motivations that lead to human failure in the security causal chain. In this paper, we present the Awareness Continuum Management Model (ACM2), which is a role-based and topic-based theoretical approach for an information security awareness and training program that uses Boyd’s observe–orient–decide–act (OODA) loop as a framework. The proposed ACM2 is based on the situational engineering method and regards the human firewall as an integral, indispensable, and complementary part of the holistic approach to increase IT systems’ resilience. The proposed approach can be applied to different types of organizations and critical infrastructure and can be integrated into existing training programs.\",\"PeriodicalId\":373044,\"journal\":{\"name\":\"Human Factors in Cybersecurity\",\"volume\":\"21 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Human Factors in Cybersecurity\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.54941/ahfe1002201\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Human Factors in Cybersecurity","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.54941/ahfe1002201","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Information Security Awareness and Training as a Holistic Key Factor – How Can a Human Firewall Take on a Complementary Role in Information Security?
Human elements have been identified as a factor in over 95% of all security incidents. Current technical preventive, corrective, and defensive mechanisms address intelligent and practical approaches to increase the resilience of information technology (IT) systems. However, these approaches do not fully consider the behavioral, cognitive, and heterogeneous motivations that lead to human failure in the security causal chain. In this paper, we present the Awareness Continuum Management Model (ACM2), which is a role-based and topic-based theoretical approach for an information security awareness and training program that uses Boyd’s observe–orient–decide–act (OODA) loop as a framework. The proposed ACM2 is based on the situational engineering method and regards the human firewall as an integral, indispensable, and complementary part of the holistic approach to increase IT systems’ resilience. The proposed approach can be applied to different types of organizations and critical infrastructure and can be integrated into existing training programs.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
