[HTML][HTML] Future forums: a methodology for exploring, gamifying, and raising security awareness of code-citizens
Future Forums are multiphase user centered design workshops, with the early phases
aiming to initiate discussions, that then leads to the co-design of game elements centered …
aiming to initiate discussions, that then leads to the co-design of game elements centered …
Selecting security champions
T Gabriel, S Furnell - Computer Fraud & Security, 2011 - Elsevier
It takes a certain type of person to properly promote and manage security issues. But can we
identify specific links between security behaviours and personality types? Trevor Gabriel …
identify specific links between security behaviours and personality types? Trevor Gabriel …
An investigation of security conversations in stack overflow: Perceptions of security and community involvement
Developers turn to Stack Overflow and other on-line sources to find solutions to security
problems, but little is known about how they engage with and guide one another in these …
problems, but little is known about how they engage with and guide one another in these …
[PDF][PDF] Information security awareness: A review of methods, challenges and solutions
M Alotaibi, W Alfehaid - … of the ICITST-WorldCIS-WCST-WCICSS …, 2018 - researchgate.net
In the information security field, the human factor is the vulnerability considered to be the
most unpredictable one. In addition, the human factor is characterized by being the most …
most unpredictable one. In addition, the human factor is characterized by being the most …
An identification of variables influencing the establishment of information security culture
A significant volume of security breaches occur as a result of the human aspects and it is
consequently important for these to be given attention alongside technical aspects. Many …
consequently important for these to be given attention alongside technical aspects. Many …
The professionalisation of information security: Perspectives of UK practitioners
RP Reece, BC Stahl - Computers & Security, 2015 - Elsevier
In response to the increased “cyber” threats to business, the UK and US Governments are
taking steps to develop the training and professional identity of information security …
taking steps to develop the training and professional identity of information security …
Deliver security awareness training, then repeat:{Deliver; Measure Efficacy}
Organisational information security policy contents are disseminated by awareness and
training drives. Its success is usually judged based on immediate post-training self-reports …
training drives. Its success is usually judged based on immediate post-training self-reports …
From security policy to practice: Sending the right messages
C Chipperfield, S Furnell - Computer Fraud & Security, 2010 - Elsevier
If it is to be truly successful, security requires engagement right across an organisation. It
needs to be embedded in everyday operations and championed from both the top of an …
needs to be embedded in everyday operations and championed from both the top of an …
The boundedly rational employee: Security economics for behaviour intervention support in organizations
Security policy-makers (influencers) in an organization set security policies that embody
intended behaviours for employees (as decision-makers) to follow. Decision-makers then …
intended behaviours for employees (as decision-makers) to follow. Decision-makers then …
Talking about security with professional developers
This paper describes materials developed to engage professional developers in discussions
about security. First, the work is framed in the context of ethnographic studies of software …
about security. First, the work is framed in the context of ethnographic studies of software …