Human Relationships: A Never-Ending Security Education Challenge?

Security&Privacy
2009
Issue No. 4 - July/August
Abstract - Human Relationships: A Never-Ending Security Education Challenge?

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Janne Hagen

Human Relationships: A Never-Ending Security Education Challenge?

July/August 2009 (vol. 7 no. 4)

pp. 65-67

	ASCII Text	x
	Janne Hagen, "Human Relationships: A Never-Ending Security Education Challenge?," IEEE Security and Privacy, vol. 7, no. 4, pp. 65-67, July/August, 2009.

	BibTex	x
	@article{ 10.1109/MSP.2009.92, author = {Janne Hagen}, title = {Human Relationships: A Never-Ending Security Education Challenge?}, journal ={IEEE Security and Privacy}, volume = {7}, number = {4}, issn = {1540-7993}, year = {2009}, pages = {65-67}, doi = {http://doi.ieeecomputersociety.org/10.1109/MSP.2009.92}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Security and Privacy TI - Human Relationships: A Never-Ending Security Education Challenge? IS - 4 SN - 1540-7993 SP65 EP67 EPD - 65-67 A1 - Janne Hagen, PY - 2009 KW - Education KW - security and privacy KW - information security KW - human factors KW - security usability VL - 7 JA - IEEE Security and Privacy ER -

Janne Hagen, Norwegian Defense Research Establishment

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2009.92

Even with high usability of security measures, well-trained and loyal employees don't always behave according to security guidance and may thus represent a security risk. This unexpected behavior is explained by a chain of barriers that employees must overcome to achieve a compliant behavior with security policy requirements. The findings the author reports here open up a discussion on how current information security education might benefit from including more subjects on the human factor.

1. J.M. Hagen, "The Human Factor behind the Security Perimeter: Evaluating the Effectiveness of Organizational Information Security Measures and Employees' Contribution to Security," PhD dissertation submitted to the University of Oslo for defense, 2009.
2. E. Albrechtsen, Friend or Foe? Information Security Management of Employees, PhD dissertation, Norwegian Univ. Science and Technology, 2008.
3. A. Whitten and J.D. Tygar, "Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0," Proc. 8th Conf. Usenix Security Symp., Usenix Assoc., 1999, p. 14.
4. R. Morris and K. Thompson, "Password Security: A Case History," Comm. ACM, vol. 22, no. 11, 1979, pp. 594–597.

Index Terms:

Education, security and privacy, information security, human factors, security usability

Citation:

Janne Hagen, "Human Relationships: A Never-Ending Security Education Challenge?," IEEE Security and Privacy, vol. 7, no. 4, pp. 65-67, July/Aug. 2009, doi:10.1109/MSP.2009.92

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.