Enterprise solutions and technologies
Published in Abbas Moallem, Human-Computer Interaction and Cybersecurity Handbook, 2018
Unique to educational organizations is the FERPA of 1978. This US federal law protecting student information was passed decades before modern enterprise resource planning applications such as Oracle’s PeopleSoft, SAP, and Workday were extensively integrated into university operations but, nonetheless, significantly impacts cybersecurity today. FERPA protects every aspect of student information, up to and including information such as a student’s name, grades, and class roster. FERPA breaches are the most common form of exposure in many universities and can lead to real consequences including loss of federal funding and accreditation. For example, universities are required to establish contracts ensuring total ownership and control of student information with all third parties, limit information available to parents, and more. In the university setting, FERPA should be at the forefront of the information security awareness campaign.
Security in the Cloud
Published in John W. Rittinghouse, James F. Ransome, Cloud Computing, 2017
John W. Rittinghouse, James F. Ransome
People will remain the weakest link for security. Knowledge and culture are among the few effective tools to manage risks related to people. Not providing proper awareness and training to the people who may need them can expose the company to a variety of security risks for which people, rather than system or application vulnerabilities, are the threats and points of entry. Social engineering attacks, lower reporting of and slower responses to potential security incidents, and inadvertent customer data leaks are all possible and probable risks that may be triggered by lack of an effective security awareness program. The one-size-fits-all approach to security awareness is not necessarily the right approach for SaaS organizations; it is more important to have an information security awareness and training program that tailors the information and training according to the individual’s role in the organization. For example, security awareness can be provided to development engineers in the form of secure code and testing training, while customer service representatives can be provided data privacy and security certification awareness training. Ideally, both a generic approach and an individual-role approach should be used.
Moral, Legal, and Ethical Issues of Technology in Education
Published in Manpreet Singh Manna, Balamurugan Balusamy, Kiran Sood, Naveen Chilamkurti, Ignisha Rajathi George, Edutech Enabled Teaching, 2023
The Information Technology Act of 2000 addresses wrongful uses of computers: activities such as theft, forgery, hacking, or attacking other computers, as well as committing serious crimes such as pornography or accessing someone’s personal data, are all included in cybercrime (information security awareness).
Uncovering the role of optimism bias in social media phishing: an empirical study on TikTok
Published in Behaviour & Information Technology, 2023
Wenjing Lei, Siqi Hu, Carol Hsu
Finally, we considered the role of information security awareness in the current study. Here, information security awareness refers to ‘individuals’ cognitive ability to recognize and understand information security threats and risks’ (Bauer and Bernroider 2017, 46). The information security literature postulates that information security awareness induces behavioural adjustments (Bauer and Bernroider 2017; Chen, Chen, and Wu 2018). Thus, more specifically, individuals with high information security awareness tend to be more cognisant of different security threats, including phishing on social media, which could consequently motivate them to engage in preventive measures. The work of Chen, Chen, and Wu (2018) has indeed demonstrated that information security awareness influences compliance with information security measures. Consequently, we predict that as information security awareness increases, the intention to take preventive measures will increase accordingly. Hence, we hypothesise: H5: Information security awareness will be positively associated to the intention to take preventive measures against phishing attacks on TikTok.
Information Security Policy Compliance: Leadership, Trust, Role Values, and Awareness
Published in Journal of Computer Information Systems, 2020
Alex Koohang, Alojzy Nowak, Joanna Paliszkiewicz, Jeretta Horn Nord
Scholars agree that information security awareness is a determinant variable of ISP compliance (refs. 2, 10, 22, 68–70). Information security awareness is defined as “… the degree of understanding of users about the importance of information security and their responsibilities and acts to exercise sufficient levels of information security control” (ref. 71). Siponen (see ref. 72, p. 31) defined information security awareness as “… a state where users in an organization are aware of – ideally committed to – their security mission (often expressed as in end-user security guidelines).” The ISP awareness is defined as “… an employee’s knowledge and understanding of the requirements prescribed in the organization’s ISP and the aims of those requirements” (see ref. 2, p. 532).
Cloud Computing Risk: A Decision-making Framework
Published in Journal of Computer Information Systems, 2023
The combined cloud adoption rationale also highlights security concerns. Information security awareness refers to general knowledge about the potential information security issues and the related possible repercussions (refs. 29, 33). For most organizations, information security awareness is included in the company’s organizational policies, so that employees are generally aware of their organization’s information security objectives. Therefore, I hypothesize: H1a: General (IT) security awareness is positively related to an organization’s IT-Business strategic alignment.