图书馆网络风险管理:爱沙尼亚图书馆员工信息安全意识分析

IF 1.3 Q2 INFORMATION SCIENCE & LIBRARY SCIENCE
Kate-Riin Kont
{"title":"图书馆网络风险管理:爱沙尼亚图书馆员工信息安全意识分析","authors":"Kate-Riin Kont","doi":"10.1108/lm-07-2023-0058","DOIUrl":null,"url":null,"abstract":"<h3>Purpose</h3>\n<p>This article surveys why libraries are vulnerable to social engineering attacks and how to manage risks of human-caused cyber threats on organizational level; investigates Estonian library staff awareness of information security and shares recommendations concerning focus areas that should be given more attention in the future.</p><!--/ Abstract__block -->\n<h3>Design/methodology/approach</h3>\n<p>The data used in this paper is based on an overview of relevant literature highlighting the theoretical points and giving the reasons why human factor is considered the weakest link in information security and cyber security and studying how to mitigate the related risks in the organisation. To perform the survey, a web questionnaire was designed which included 63 sentences and was developed based on the knowledge-attitude-behaviour (KAB) model supported by Kruger and Kearney and Human Aspects of Information Security Questionnaire (HAIS-Q) designed by Parsons <em>et al</em>.</p><!--/ Abstract__block -->\n<h3>Findings</h3>\n<p>The research results show that the information security awareness of library employees is at a good level; however, awareness in two focus areas needs special attention and should be improved. The output of this study is the mapping of seven focus areas of information security policy in libraries based on the HAIS-Q framework and the KAB model.</p><!--/ Abstract__block -->\n<h3>Originality/value</h3>\n<p>The cyber awareness of library employees has not been studied in the world using HAIS-Q and KAB model, and to the best of the authors’ knowledge, no research has been previously carried out in the Estonian library context into cyber security awareness.</p><!--/ Abstract__block -->","PeriodicalId":46701,"journal":{"name":"Library Management","volume":"29 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2024-02-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Management of cyber risks in the library: analysis of information security awareness of Estonian library employees\",\"authors\":\"Kate-Riin Kont\",\"doi\":\"10.1108/lm-07-2023-0058\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<h3>Purpose</h3>\\n<p>This article surveys why libraries are vulnerable to social engineering attacks and how to manage risks of human-caused cyber threats on organizational level; investigates Estonian library staff awareness of information security and shares recommendations concerning focus areas that should be given more attention in the future.</p><!--/ Abstract__block -->\\n<h3>Design/methodology/approach</h3>\\n<p>The data used in this paper is based on an overview of relevant literature highlighting the theoretical points and giving the reasons why human factor is considered the weakest link in information security and cyber security and studying how to mitigate the related risks in the organisation. To perform the survey, a web questionnaire was designed which included 63 sentences and was developed based on the knowledge-attitude-behaviour (KAB) model supported by Kruger and Kearney and Human Aspects of Information Security Questionnaire (HAIS-Q) designed by Parsons <em>et al</em>.</p><!--/ Abstract__block -->\\n<h3>Findings</h3>\\n<p>The research results show that the information security awareness of library employees is at a good level; however, awareness in two focus areas needs special attention and should be improved. The output of this study is the mapping of seven focus areas of information security policy in libraries based on the HAIS-Q framework and the KAB model.</p><!--/ Abstract__block -->\\n<h3>Originality/value</h3>\\n<p>The cyber awareness of library employees has not been studied in the world using HAIS-Q and KAB model, and to the best of the authors’ knowledge, no research has been previously carried out in the Estonian library context into cyber security awareness.</p><!--/ Abstract__block -->\",\"PeriodicalId\":46701,\"journal\":{\"name\":\"Library Management\",\"volume\":\"29 1\",\"pages\":\"\"},\"PeriodicalIF\":1.3000,\"publicationDate\":\"2024-02-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Library Management\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1108/lm-07-2023-0058\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"INFORMATION SCIENCE & LIBRARY SCIENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Library Management","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/lm-07-2023-0058","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"INFORMATION SCIENCE & LIBRARY SCIENCE","Score":null,"Total":0}
引用次数: 0

摘要

本文调查了图书馆易受社会工程学攻击的原因,以及如何在组织层面管理人为造成的网络威胁的风险;调查了爱沙尼亚图书馆工作人员对信息安全的认识,并就未来应更多关注的重点领域提出了建议。本文使用的数据基于对相关文献的概述,强调了理论要点,给出了人为因素被认为是信息安全和网络安全最薄弱环节的原因,并研究了如何降低组织中的相关风险。为了进行调查,我们设计了一份包含 63 个句子的网络问卷,该问卷是根据 Kruger 和 Kearney 支持的知识-态度-行为(KAB)模型以及 Parsons 等人设计的信息安全人的方面问卷(HAIS-Q)编制的。研究结果研究结果表明,图书馆员工的信息安全意识处于良好水平;但是,两个重点领域的意识需要特别关注并加以改进。本研究的成果是根据 HAIS-Q 框架和 KAB 模型,绘制了图书馆信息安全政策的七个重点领域图。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Management of cyber risks in the library: analysis of information security awareness of Estonian library employees

Purpose

This article surveys why libraries are vulnerable to social engineering attacks and how to manage risks of human-caused cyber threats on organizational level; investigates Estonian library staff awareness of information security and shares recommendations concerning focus areas that should be given more attention in the future.

Design/methodology/approach

The data used in this paper is based on an overview of relevant literature highlighting the theoretical points and giving the reasons why human factor is considered the weakest link in information security and cyber security and studying how to mitigate the related risks in the organisation. To perform the survey, a web questionnaire was designed which included 63 sentences and was developed based on the knowledge-attitude-behaviour (KAB) model supported by Kruger and Kearney and Human Aspects of Information Security Questionnaire (HAIS-Q) designed by Parsons et al.

Findings

The research results show that the information security awareness of library employees is at a good level; however, awareness in two focus areas needs special attention and should be improved. The output of this study is the mapping of seven focus areas of information security policy in libraries based on the HAIS-Q framework and the KAB model.

Originality/value

The cyber awareness of library employees has not been studied in the world using HAIS-Q and KAB model, and to the best of the authors’ knowledge, no research has been previously carried out in the Estonian library context into cyber security awareness.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Library Management
Library Management INFORMATION SCIENCE & LIBRARY SCIENCE-
CiteScore
2.70
自引率
15.40%
发文量
30
期刊介绍: ■strategic management ■HRM/HRO ■cultural diversity ■information use ■managing change ■quality management ■leadership ■teamwork ■marketing ■outsourcing ■automation ■library finance ■charging ■performance measurement ■data protection and copyright As information services become more complex in nature and more technologically sophisticated, managers need to keep pace with innovations and thinking in the field to offer the most professional service with the resources they have.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信