离职者、信息安全意识和知识管理策略

IF 0.5 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING

International Journal of Information Security and Privacy Pub Date : 2015-10-02 DOI:10.1080/15536548.2015.1105594

Hongbo Lyu, Z. Zhang

{"title":"离职者、信息安全意识和知识管理策略","authors":"Hongbo Lyu, Z. Zhang","doi":"10.1080/15536548.2015.1105594","DOIUrl":null,"url":null,"abstract":"Information security culture plays a crucial role in improving employees’ security awareness within a firm. Knowledge management initiatives can help transform culturally unfit workers into those who will possess the necessary level of security awareness and are aligned with a firm’s information security culture. This research analytically models and studies the best knowledge management performance quotient (KMPQ) in a firm to convert workers who are unfit into those who fit with its security culture in order to improve the firm’s organizational level of security awareness (OLSA) and maximize its total payoff. When the potential security threat comes from all the workers who depart the firm, either voluntarily or involuntarily, findings in this study suggest that the firm should implement full knowledge management initiatives to achieve a KMPQ as high as possible if the loss from the security threat is less than a specific threshold level. This study further differentiates three sources of a security threat (voluntary unfit quitters, voluntary fit quitters, and involuntary quitters), and assesses the firm’s best KMPQ accordingly. In addition, this article illustrates the implementation process of the firm’s knowledge management strategies based on the study’s decision framework. This research provides valuable guidance for practitioners to effectively implement knowledge management strategies to build a successful information security culture within organizations.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":null,"pages":null},"PeriodicalIF":0.5000,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Job Quitters, Information Security Awareness, and Knowledge Management Strategies\",\"authors\":\"Hongbo Lyu, Z. Zhang\",\"doi\":\"10.1080/15536548.2015.1105594\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Information security culture plays a crucial role in improving employees’ security awareness within a firm. Knowledge management initiatives can help transform culturally unfit workers into those who will possess the necessary level of security awareness and are aligned with a firm’s information security culture. This research analytically models and studies the best knowledge management performance quotient (KMPQ) in a firm to convert workers who are unfit into those who fit with its security culture in order to improve the firm’s organizational level of security awareness (OLSA) and maximize its total payoff. When the potential security threat comes from all the workers who depart the firm, either voluntarily or involuntarily, findings in this study suggest that the firm should implement full knowledge management initiatives to achieve a KMPQ as high as possible if the loss from the security threat is less than a specific threshold level. This study further differentiates three sources of a security threat (voluntary unfit quitters, voluntary fit quitters, and involuntary quitters), and assesses the firm’s best KMPQ accordingly. In addition, this article illustrates the implementation process of the firm’s knowledge management strategies based on the study’s decision framework. This research provides valuable guidance for practitioners to effectively implement knowledge management strategies to build a successful information security culture within organizations.\",\"PeriodicalId\":44332,\"journal\":{\"name\":\"International Journal of Information Security and Privacy\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.5000,\"publicationDate\":\"2015-10-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Information Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/15536548.2015.1105594\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/15536548.2015.1105594","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 6

摘要

信息安全文化在提高公司员工的安全意识方面起着至关重要的作用。知识管理计划可以帮助将文化上不适应的员工转变为拥有必要的安全意识水平并与公司的信息安全文化保持一致的员工。本文通过对企业最佳知识管理绩效商数(KMPQ)的分析建模和研究，将不适合企业安全文化的员工转化为适合企业安全文化的员工，从而提高企业的组织安全意识水平(OLSA)，使企业的总收益最大化。当潜在的安全威胁来自所有离开公司的员工，无论是自愿的还是非自愿的，本研究的结果表明，如果安全威胁的损失小于特定的阈值水平，公司应该实施全面的知识管理举措，以实现尽可能高的KMPQ。本研究进一步区分了安全威胁的三种来源(自愿不适合辞职、自愿适合辞职和非自愿辞职)，并据此评估了公司的最佳KMPQ。此外，本文还在研究的决策框架基础上阐述了企业知识管理战略的实施过程。本研究为从业者有效地实施知识管理策略以在组织内建立成功的信息安全文化提供了有价值的指导。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Job Quitters, Information Security Awareness, and Knowledge Management Strategies

Information security culture plays a crucial role in improving employees’ security awareness within a firm. Knowledge management initiatives can help transform culturally unfit workers into those who will possess the necessary level of security awareness and are aligned with a firm’s information security culture. This research analytically models and studies the best knowledge management performance quotient (KMPQ) in a firm to convert workers who are unfit into those who fit with its security culture in order to improve the firm’s organizational level of security awareness (OLSA) and maximize its total payoff. When the potential security threat comes from all the workers who depart the firm, either voluntarily or involuntarily, findings in this study suggest that the firm should implement full knowledge management initiatives to achieve a KMPQ as high as possible if the loss from the security threat is less than a specific threshold level. This study further differentiates three sources of a security threat (voluntary unfit quitters, voluntary fit quitters, and involuntary quitters), and assesses the firm’s best KMPQ accordingly. In addition, this article illustrates the implementation process of the firm’s knowledge management strategies based on the study’s decision framework. This research provides valuable guidance for practitioners to effectively implement knowledge management strategies to build a successful information security culture within organizations.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Information Security and Privacy COMPUTER SCIENCE, SOFTWARE ENGINEERING-

CiteScore

2.50

自引率

0.00%

发文量

期刊介绍： As information technology and the Internet become more and more ubiquitous and pervasive in our daily lives, there is an essential need for a more thorough understanding of information security and privacy issues and concerns. The International Journal of Information Security and Privacy (IJISP) creates and fosters a forum where research in the theory and practice of information security and privacy is advanced. IJISP publishes high quality papers dealing with a wide range of issues, ranging from technical, legal, regulatory, organizational, managerial, cultural, ethical and human aspects of information security and privacy, through a balanced mix of theoretical and empirical research articles, case studies, book reviews, tutorials, and editorials. This journal encourages submission of manuscripts that present research frameworks, methods, methodologies, theory development and validation, case studies, simulation results and analysis, technological architectures, infrastructure issues in design, and implementation and maintenance of secure and privacy preserving initiatives.