2010
DOI: 10.2307/25750704
|View full text |Cite
|
Sign up to set email alerts
|

Improving Employees' Compliance Through Information Systems Security Training: An Action Research Study

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

9
332
0

Year Published

2014
2014
2022
2022

Publication Types

Select...
7
3

Relationship

0
10

Authors

Journals

citations
Cited by 430 publications
(341 citation statements)
references
References 41 publications
9
332
0
Order By: Relevance
“…It was pointed out in the first workshop that content which did not appear relevant to the work of the individual employee only had a demotivating effect. Based on the conclusions of Puhakainen and Siponen (2010), and recommendations from NIST (2003), together with opinions collected from the interviews, a successful SAT application needs both to take into account are previous knowledge, and to adapt the con-tent to fit job roles and responsibilities. The intuition is that gamification in itself cannot explicitly simplify the process of delivering the right content to the right people.…”
Section: Personalisation and Freedommentioning
confidence: 99%
“…It was pointed out in the first workshop that content which did not appear relevant to the work of the individual employee only had a demotivating effect. Based on the conclusions of Puhakainen and Siponen (2010), and recommendations from NIST (2003), together with opinions collected from the interviews, a successful SAT application needs both to take into account are previous knowledge, and to adapt the con-tent to fit job roles and responsibilities. The intuition is that gamification in itself cannot explicitly simplify the process of delivering the right content to the right people.…”
Section: Personalisation and Freedommentioning
confidence: 99%
“…It is also an "insiderthreat" where there is strong non-compliance behavior of employees related to the information security policies [26]. "If users do not comply with ISsec policies, ISsec measures lose their efficacy" [27]. Furthermore, Shadow IT has an important dual-use context [28], [29], [30] where its use can have positive and negative consequences.…”
Section: Shadow Itmentioning
confidence: 99%
“…Unsecure employee behaviors are a major contributor to the breach of employee data, and researchers have proposed several interventions, such as security training (Puhakainen & Siponen, 2010), to increase employees' secure behaviors. However, many employees continue to engage in unsecure security practices.…”
Section: Overview Of Papersmentioning
confidence: 99%