A Perspective on the Intersection of Information Security Policies and IA Awareness, Factoring in End-User Behavior

International Conference on Research in Management & Technovation Pub Date : 2020-01-20 DOI:10.15439/2020KM1

Ph.D S. Raschid Muller

{"title":"A Perspective on the Intersection of Information Security Policies and IA Awareness, Factoring in End-User Behavior","authors":"Ph.D S. Raschid Muller","doi":"10.15439/2020KM1","DOIUrl":null,"url":null,"abstract":"— In 2017 Executive Order 13800 was enacted for all federal entities to use the NIST Cybersecurity Framework to report on FISMA compliance. According to GAO-19-545 report sixteen agencies were identified as failing to successfully implement FISMA regulations rooted in information security policies (ISPs). This paper will introduce the link between information assurance awareness with the prescribed actions and its direct influence on information security policies. While organizations are conscious of the federal rules and regulations, most continue to fail to successfully implement and comply with the guidelines due to a sincere lack of information assurance and awareness, which ties directly into human behavior. A discussion on the intersection of information security awareness and behavior will be presented. The UTAUT theory measures and informs the researcher on factors that influence the end-user. Con-clusively, recommendations will be offered on why organizations need to invest in a mechanism that measures these factors, which increases information awareness to change behavior, thus achieving better compliance with their organizational ISPs.","PeriodicalId":390542,"journal":{"name":"International Conference on Research in Management & Technovation","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2020-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Research in Management & Technovation","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.15439/2020KM1","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

— In 2017 Executive Order 13800 was enacted for all federal entities to use the NIST Cybersecurity Framework to report on FISMA compliance. According to GAO-19-545 report sixteen agencies were identified as failing to successfully implement FISMA regulations rooted in information security policies (ISPs). This paper will introduce the link between information assurance awareness with the prescribed actions and its direct influence on information security policies. While organizations are conscious of the federal rules and regulations, most continue to fail to successfully implement and comply with the guidelines due to a sincere lack of information assurance and awareness, which ties directly into human behavior. A discussion on the intersection of information security awareness and behavior will be presented. The UTAUT theory measures and informs the researcher on factors that influence the end-user. Con-clusively, recommendations will be offered on why organizations need to invest in a mechanism that measures these factors, which increases information awareness to change behavior, thus achieving better compliance with their organizational ISPs.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

资讯安全政策与资讯保安意识的交集，以及最终用户行为的考量

- 2017年颁布了13800号行政命令，要求所有联邦实体使用NIST网络安全框架报告FISMA合规性。根据GAO-19-545报告，16个机构被确定为未能成功实施基于信息安全政策(isp)的FISMA法规。本文将介绍信息保障意识与规定行动之间的联系及其对信息安全政策的直接影响。虽然组织意识到联邦规则和条例，但由于缺乏信息保障和意识，大多数组织仍然无法成功地实现和遵守指导方针，这与人类行为直接相关。我们将讨论信息安全意识与行为的交集。UTAUT理论测量并告知研究者影响最终用户的因素。最后，将提出建议，说明为什么组织需要投资于测量这些因素的机制，从而提高信息意识以改变行为，从而更好地遵守其组织的isp。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

International Conference on Research in Management & Technovation

自引率

0.00%

发文量