Title: Enhancing information security education and awareness: Proposed characteristics for a model
Abstract: The use of models has been one of the prevalent approaches to enhancing information security education and awareness in existing literature. Models provide step by step problem solving opportunities and are thus essential in security education and awareness activities. This paper categorized models for enhancing security education and awareness based on their stakeholder domains into: End-Users, Institutions and Industry domains. Analysis of literature on information security education and awareness indicates that approaches for enhancing end-users' security knowledge do exist, as do models for promoting organizational security knowledge in the industry domain. However, only one model was found to exist for enhancing security knowledge of employees in the institutions domain. This paper therefore describes a gap identified in the existing information security education and awareness models and presents the required relevant characteristics for developing information security education and awareness models for bridging the gap (in the institutions domain). The paper also evaluates and compares characteristics of existing models in order to identify the most relevant characteristics for a new model and makes a presentation to that effect. This was done through a review of existing literature on information security education and awareness models and a comparative analysis of models identified in the three domains.
Publication Year: 2015
Publication Date: 2015-11-01
Language: en
Type: article
Indexed In: ['crossref']
Access and Citation
Cited By Count: 11
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot