Issue No.04 - July/August (2009 vol.7)
Janne Hagen , Norwegian Defense Research Establishment
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2009.92
Even with high usability of security measures, well-trained and loyal employees don't always behave according to security guidance and may thus represent a security risk. This unexpected behavior is explained by a chain of barriers that employees must overcome to achieve a compliant behavior with security policy requirements. The findings the author reports here open up a discussion on how current information security education might benefit from including more subjects on the human factor.
Education, security and privacy, information security, human factors, security usability
Janne Hagen, "Human Relationships: A Never-Ending Security Education Challenge?", IEEE Security & Privacy, vol.7, no. 4, pp. 65-67, July/August 2009, doi:10.1109/MSP.2009.92