| Authors: | Tsohou A., Karyda M., Kokolakis S., Kiountouzis E. |
|---|
| Title: | Aligning Security Awareness with Information Systems Security Management |
|---|
| Conference: | 4th Mediterranean Conference on Information Systems (MCIS09) |
|---|
| Editors: | |
|---|
| Ed: | No |
|---|
| Eds: | No |
|---|
| Pages: | |
|---|
| To appear: | No |
|---|
| Month: | September |
|---|
| Year: | 2009 |
|---|
| Place: | Athens, Greece |
|---|
| Pubisher: | |
|---|
| Link: | |
|---|
| File name: | Aligning Security Awareness with Information Systems Security Management.pdf##^^&&713957373.pdf |
|---|
| Abstract: | This paper explores the way information security awareness connects to the overall information security
management framework it serves. To date, the formulation of security awareness initiatives has tended to
ignore the important relationship with the overall security management context, and vice versa. In this
paper we show that the two processes can be aligned so as to ensure that awareness activities serve the
security management strategy and that security management exploits the benefits of an effective
awareness effort. To do so, we analyze the processes of security awareness and security management
using a process analysis framework and we explore their interactions. The identification of these
interactions results in making us able to place awareness in a security management framework instead of
viewing it as an isolated security mechanism. |
|---|
Greek