Global ETD Search

11	Olika perspektiv på informationssäkerhet : En fallstudie på ett universitet Wallin, Emma, Andersson, Ellinor January 2022 (has links) Utbildningssektorn har sedan en tid tillbaka varit extra utsatt för cyberattacker, dels på grund av dess öppna nätverk och det stora antalet användare, men ofta också på grund av ett bristande informationssäkerhetsarbete (Wood 2014). Syftet med uppsatsen är att undersöka vad ett svenskt universitet och dess anställda har för uppfattning av informationssäkerhet samt om och i så fall hur dessa syner skiljer sig åt. Det med hjälp av teorin Technological frames (Orlikowski & Gash 1994). I studien har sex anställda och enheten för informationssäkerhet på universitetet intervjuats. Författarna har även utfört en deltagande observation vid en internutbildning i informationssäkerhet. Resultaten visar att de två grupperna bland annat har en samsyn om att människan är det största hotet för infektioner och attacker, att information i olika former är viktig att skydda, att den fysiska säkerheten samt lösenord är viktiga, att organisationen måste hitta en lagom nivå av informationssäkerhet och att ansvar för informationssäkerhetsutbildning för anställda främst ligger hos organisationen men att det trots allt också finns ett ansvar hos individen att själv ta reda på information. Det förelåg olika syner på huruvida phishing-mejl skulle raderas direkt eller rapporteras och vilka kommunikationsvägar som bör användas mellan enheten för informationssäkerhet och de anställda. De anställda hade dessutom en snävare syn på vad informationssäkerhet är jämfört med enheten för informationssäkerhet. / The education sector has recently been particularly exposed to cyber attacks, partly due to its open networks and the large number of users, but also due to a lack of information security (Wood 2014). The purpose of the thesis is to investigate what image a Swedish university and its employees have of information security and if these views differ, and in that case how. This study draws on the theory Technological frames (Orlikowski & Gash 1994). In the study, six employees and the information security unit at the university were interviewed. We also performed participatory observation during an internal course in information security. The results show that the two groups agree that humans are the biggest threat when it comes to cyber attacks, that information in various forms is important to protect, that physical security and passwords are important, that the organization must find a reasonable level of information security and that the organization should have the primary responsibility for information security training for employees, but that individuals also have a responsibility. There were different views on whether phishing emails should be deleted directly or reported. The views differ when it comes to which communication channels should be used between the unit of information security and the employees. The employees also had a narrower view of what information security is compared to the unit for information security. Information security Information Security Awareness ISA Information Security Training IST Technological frames Informationssäkerhet Information Security Awareness ISA Information Security Training IST Technological frames Information Systems
12	Informationssäkerhetskunskap i gymnasieskolan : En nulägesanalys av gymnasieelevers kunskaper och lärares arbete kring ämnet Öberg, Emma, Katardjiev, Nikola January 2016 (has links) Svenska gymnasieskolor, både kommunala och fristående, har snabbt adopterat en datorbaserad inlärningsplattform. Det här betyder att varje elev får tillstånd att låna en dator från skolan, vars syfte är att effektivisera skolarbetet. Att flytta undervisningen iväg från papper och penna mot ett mer digitalt arbetssätt medför dock vissa risker gällande informationssäkerhet. Denna uppsats syftar att undersöka, genom en surveyundersökning av 4 olika gymnasieskolor i Sverige, kunskapsnivåerna i informationssäkerhet hos studenter mellan 16 och 19 år gamla, samt även hur denna kunskap lärs ut. Studien var uppdelad i en enkätundersökning av studenter, med 163 respondenter, och intervjuer med 3 anställda på 3 av skolorna. / High schools in Sweden, both public and private, have rapidly been adopting a computerbased learning platform. This means that each student is granted permission to lease a laptop from the school, which is intended to effectivize school work. However, moving the educational platform away from paper and pen and towards a digital platform poses certain risks concerning information security. This paper aims to examine, through a survey of 4 different high schools in Sweden, the education levels of students aged 16 to 19 concerning information security, and also how that education has been conducted. The study was divided into a survey of students, with 163 respondents, and interviews were conducted with 3 key members of 3 of the schools. Information security High schools High school students Security awareness Risk awareness Informationssäkerhet Gymnasieskolor Gymnasieelever Säkerhetsmedvetenhet Riskmedvetenhet
13	Reducing the risk of e-mail phishing in the state of Qatar through an effective awareness framework Al-Hamar, Mariam Khalid January 2010 (has links) In recent years, cyber crime has focused intensely on people to bypass existing sophisticated security controls; phishing is one of the most common forms of such attack. This research highlights the problem of e-mail phishing. A lot of previous research demonstrated the danger of phishing and its considerable consequences. Since users behaviour is unpredictable, there is no reliable technological protective solution (e.g. spam filters, anti-viruses) to diminish the risk arising from inappropriate user decisions. Therefore, this research attempts to reduce the risk of e-mail phishing through awareness and education. It underlines the problem of e-mail phishing in the State of Qatar, one of world s fastest developing countries and seeks to provide a solution to enhance people s awareness of e-mail phishing by developing an effective awareness and educational framework. The framework consists of valuable recommendations for the Qatar government, citizens and organisations responsible for ensuring information security along with an educational agenda to train them how to identify and avoid phishing attempts. The educational agenda supports users in making better trust decisions to avoid phishing that could complement any technical solutions. It comprises a collection of training methods: conceptual, embedded, e-learning and learning programmes which include a television show and a learning session with a variety of teaching components such as a game, quizzes, posters, cartoons and a presentation. The components were tested by trial in two Qatari schools and evaluated by experts and a representative sample of Qatari citizens. Furthermore, the research proves the existence and extent of the e-mail phishing problem in Qatar in comparison with the UK where people were found to be less vulnerable and more aware. It was discovered that Qatar is an attractive place for phishers and that a lack of awareness and e-law made Qatar more vulnerable to the phishing. The research identifies the factors which make Qatari citizens susceptible to e-mail phishing attacks such as cultural, country-specific factors, interests and beliefs, religion effect and personal characteristics and this identified the need for enhancing Qatari s level of awareness on phishing threat. Since literature on phishing in Qatar is sparse, empirical and non-empirical studies involved a variety of surveys, interviews and experiments. The research successfully achieved its aim and objectives and is now being considered by the Qatari Government. 364.16
14	An educational experiment in discovering spear phishing attacks / Ett utbildningsexperiment för att upptäcka spear phishing attacker Floderus, Sebastian, Rosenholm, Linus January 2019 (has links) Background: Spear phishing attacks uses social engineering targeting a specific person to steal credential information or infect the users computer with malware. It is often done through emails and it can be very hard to spot the difference between a legitimate email and a scam email. Cybercrime is a growing problem and there is many ways to inform and educate individuals on the subject.Objectives: This study intends to perform an experiment to see if an educationalsupport tool can be used to better identify phishing emails. Furthermore see if there is a difference in susceptibility between students from different university programs. Methods: A qualitative research study was used to get the necessary understanding how to properly develop a phishing educational tool. A Pretest-Posttest experiment is done to see if there is an improvement in result between an experimental group that received education and the control group that did not. Results: The result shows an overall higher score for the technical program compared to the non-technical. Comparing the pretest with the posttest shows an increase in score for the non-technical program and a decrease in score for the technical program. Furthermore 58% of the non-technical students who started the test did not complete it. Conclusions: There is a noticeable difference in susceptibility between the programs for detecting scam emails for students. However further research is needed in order to explore to what extent the education process had an impact. Phishing Spear-phishing Experiment Security awareness Computer Sciences Datavetenskap (datalogi) Learning Lärande
15	Visuell kontextbaserad mikroträning : En effektivitetsstudie / Visual context based microtraining : An efficiency study Ljungdahl, Erik January 2019 (has links) Informationssäkerhet är ett område som blir mer aktuellt för var dag när samhället blir allt mer digitaliserat, vilket leder till att nya vägar för att utbilda allmänheten måste undersökas. Tidigare forskning har studerat konceptet kontextbaserad mikroträning, alltså träning ögonblicket innan träningen behövs, och utefter detta skapat videoklipp för att således lära personer om säkerhetsmedvetenhet. Ett sådant klipp, i följande rapport ofta kallad visuell kontextbaserad mikroträning, ämnade undervisa personer i vad ett säkert lösenord ska innehålla, hur det kan utformas och en föreslagen metod att minnas lösenordet. Videomaterialet har dock endast undersökt i syfte att fastställa den allmänna åsikten, men dess effektivitet har tidigare inte undersökts. Denna studie vilar på deltagandet av 49 studiedeltagare som fick genomgå mikroträning, en grupp som exponerades för visuell kontextbaserad mikroträning och en som exponerades för samma pedagogiska innehåll som det visuella mikroträningsmediet ämnade framföra, dock denna gång i skriven text. Resultatet av studiemomentet genererade således 25 lösenord med tillhörande demografisk data efter videoexponering och 24 lösenord efter textexponering och dessa två dataset fick jämföras gentemot varandra. Efter den utförda analysen stod det klart att de skillnader som existerar mellan mikroträningsvideon och en text med samma undervisningsmaterial utformad för komparativa syften var små, och ingen signifikant korrelation kunde fastställas. / Information security is a field that gets more relevant for every day in a digitized society, which means that new ways to educate the public in information security matters has to be explored. Previous research has studied the concept of context based micro training, meaning training in the moment in which it’s needed, and along this created videos which are meant to educate people of what a secure password should contain, how the password is designed and methods to remember the password in question. This study is resting on the participation of 49 study participants who were subjected to micro training, one group who were exposed to visual context based micro training and one that was exposed to the same educational content as the visual micro training medium intended to convey, however this time in written text. The result of the study moment generated 25 passwords with associated demographic data after exposure to video, and 24 passwords after exposure to text, and these two data sets were compared to each other. After the analysis it was clear that the differences that exists between visual context based micro training and a text containing the same educational material in written form were small , and no significant correlation could be established. information security micro training security awareness informationssäkerhet mikroträning säkerhetsmedvetenhet Information Systems
16	Privacy exposure on WeChat from users' perspective : A study among the university students in China Liu, XiaoTong January 2019 (has links) In 21st century, social media has become one necessary part in people’s life, different kinds of social media emerge in endlessly. In younger generation, it is popular to use social media as a communication tool to get closer to each other. During using social media, it is important to have awareness to protect their personal information. Comparing with Western countries, the topic of privacy is not often discussed in China and some privacy issues might be ignored due to people have not enough knowledge in this area. In this study, the focus is to investigate Chinese university students’ perception of privacy risks and WeChat personal information exposure. Based on this, this study also explores the users’ attitudes toward WeChat and how it influences the future usage of it. The adopted research method is qualitative research method, by doing interviews with 15 students from different school, city and major. From the study, eight essential concepts are used to answer two research questions. Though analysis, the situation of the privacy perception can be found, the reasons and attitudes toward WeChat are also figured out. At the end of the thesis, the contribution of this study and suggestions to future research are shown. SNS WeChat Security awareness Information privacy Risk perception Information Systems
17	Avaliação de pracinhas infantis em conjuntos habitacionais Marques, Claudia Adriana Nichetti January 2016 (has links) Esta pesquisa investiga como aspectos locacionais e aspectos físico-espaciais das pracinhas infantis podem influenciar, de forma positiva ou negativa, no estado de conservação destas pracinhas, na percepção de segurança e, consequentemente, na sua frequência e intensidade de uso por crianças e acompanhantes. Dentre os aspectos locacionais estão, o controle de acesso aos conjuntos habitacionais e as pracinhas infantis, os caminhos de acesso às pracinhas infantis a partir das moradias, a localização das pracinhas nos conjuntos habitacionais, as conexões visuais entre as moradias e as pracinhas infantis e o entorno imediato às pracinhas infantis. Em relação aos aspectos físicos das pracinhas são tratados, o dimensionamento físico das pracinhas infantis, a adequação dos equipamentos de brincar e do mobiliário e a adequação da vegetação. Assim, o objetivo é investigar a relação entre os aspectos locacionais das pracinhas infantis e a adequação no uso por criança e acompanhantes, e a relação entre os aspectos físicos das pracinhas infantis e as suas avaliações pelas crianças e acompanhantes. Para tanto, são selecionadas oito pracinhas infantis em seis conjuntos habitacionais localizados em Porto Alegre. Os métodos de coletas de dados fazem parte dos utilizados na área de estudo Ambiente e Comportamento, sistematizados por meio de levantamento de arquivo, levantamento físico, observações de comportamento, questionários e entrevistas. Os dados coletados foram analisados de forma qualitativa e quantitativa, através de testes estatísticos não-paramétricos. Os resultados desta investigação demonstram que, a falta de controle de acesso aos conjuntos afeta negativamente o estado de conservação das pracinhas infantis, bem como a percepção de segurança das crianças e dos acompanhantes. A intensidade de uso tende a ser pior nas pracinhas mal localizadas e com menor controle visual. A conservação dos equipamentos tendem a ser pior nas pracinhas com dimensionamento físico e equipamentos inadequados à intensidade de uso. Por fim, espera-se que os dados obtidos possam contribuir para qualificar projetos de pracinhas infantis em conjuntos habitacionais, a fim de responder melhor às necessidades das crianças e dos acompanhantes. / This research investigates how locational and physical aspects of playground can influence, positively or negatively, in the state of conservation of these small squares, the perception of safety and consequently the intensity of use by children and companions. Among the locational aspects are, the control of access to housing and children's small squares, access roads to playground from the villas, the location of playground in the projects, the visual connections between housing and children's small squares and immediate surroundings to playground. Regarding the physical aspects of playground are treated, the physical design of children's small squares, the adequacy of equipment to play and the furniture and the adequacy of vegetation. The objective is to investigate the relationship between the locational aspects of children's grunts and adapt them to the children and their companions, and the relationship between the physical aspects of playground and their assessments by the children and their companions. Therefore, eight playground are selected in six housing estates located in Porto Alegre. The methods of data collection are part of the area used in environment studies and behavior, systematized through archival survey, physical survey, behavioral observations, questionnaires and interviews. The collected data were analyzed qualitatively and quantitatively, using non-parametric statistical tests. The results of this research show that the lack of control of access to sets negatively affect the conservation status of playground and the perception of safety of children and companions. The intensity of use tends to be worse in poorly located playground and less visual control. The conservation tend to be worse in small squares with physical design and equipment unsuited to the intensity of use. Finally, it is expected that the data obtained can help to qualify playground projects in housing, in order to better meet the needs of children and their carers. Conservação (Arquitetura) Percepção ambiental Praças Crianças Conservation playground Security awareness Use of playground Adequacy of playground
18	Best Practices to Minimize Data Security Breaches for Increased Business Performance Kongnso, Fedinand Jaiventume 01 January 2015 (has links) In the United States, businesses have reported over 2,800 data compromises of an estimated 543 million records, with security breaches costing firms approximately $7.2 million annually. Scholars and industry practitioners have indicated a significant impact of security breaches on consumers and organizations. However, there are limited data on the best practices for minimizing the impact of security breaches on organizational performance. The purpose of this qualitative multicase study was to explore best practices technology leaders use to minimize data security breaches for increased business performance. Systems theory served as the conceptual framework for this study. Fourteen participants were interviewed, including 2 technology executives and 5 technical staff, each from a banking firm in the Northcentral United States and a local government agency in the Southcentral United States. Data from semistructured interviews, in addition to security and privacy policy statements, were analyzed for methodological triangulation. Four major themes emerged: a need for implementation of security awareness education and training to mitigate insider threats, the necessity of consistent organization security policies and procedures, an organizational culture promoting data security awareness, and an organizational commitment to adopt new technologies and innovative processes. The findings may contribute to the body of knowledge regarding best practices technology leaders can use for securing organizational data and contribute to social change since secure organizational data might reduce consumer identity theft. data breaches data compromise data security information security security awareness security breach Business Databases and Information Systems
19	Det trådlösa samhället : En utredning av rättsläget, säkerhetsläget och säkerhetsmedvetandet vid användning av trådlöst hemmanätverk. Engström, Mattias, Arneng, Karl January 2006 (has links) <p>Användningen av trådlöst nätverk blev under början av 2000-talet mycket populärt bland privatpersoner, genom dess mobila fördelar, Tekniken medförde många fördelar, men också många nackdelar och frågan var hur många som verkligen hade blivit uppmärksammade på eller kände till dessa och därefter valt att skydda sina trådlösa nätverk.</p><p>Det främsta syftet med denna uppsats var därmed att undersöka på vilken nivå säkerhetsmedvetandet låg i samhället vid användning av trådlöst nätverk vid gällande tidpunkt. Vidare handlade det också om att reda ut gällande rättsläge , vid handlingar mot eller via ett trådlöst nätverk, och mäta hur utbredd säkerhetsanvändningen var bland trådlösa hemmanätverk. För att besvara detta utgick vi från ett positivistiskt och deduktivt synsätt, med kvalitativa intervjuer för att reda ut gällande rättsläge, pejling av trådlöst nätverk för att mäta säkerhetsläget och kvantitativa enkätintervjuer, för att få fram typer av säkerhetsmedvetande, bland användare av trådlöst hemmanätverk. Innehållet i alla intervjuer baserades på fastställd fakta kring trådlöst nätverk, risker med tekniken, riskförebyggande säkerhetsrutiner och Svensk lag.</p><p>Vi konstaterade slutligen att gällande rättsläge för närvarande var föråldrat och inte anpassat att hantera de risker som trådlöst nätverk hade medfört. Vidare visade resultatet på ökad säkerhetsanvändning bland trådlösa nätverk i samhället, och att det överlag var yngre användare som stod för denna ökning. Yngre användare visade sig även överlag ha ett högre säkerhetsmedvetande, än äldre, och då särskilt hög teknisk kunskap</p> / <p>The usage of Wireless local area networks (WLAN) became very popular amongst private citizens, during the beginning of the 21 century, because of its mobile advantages. The technology brought many advantages, but also many disadvantages and the question was how many had noticed or knew that these existed and afterwards had chosen to secure their WLAN.</p><p>The main purpose of this thesis was to examine the current level of security awareness, in the community, when using WLAN. Other goals were to investigate the current general legal context, about actions against or through a WLAN, and measure the widespread usage of security within WLAN. To answer this we used a positivistic and deductive approach, with qualitative interviews to sort out the current general legal context, Wardriving to find and measure the current state of security within WLAN's and quantitative questionnaires to find out the most common types of security awareness amongst users of WLAN. The content of all this was based on facts about the WLAN technology, the risks that comes with it, risk preventing security routines and the Swedish law.</p><p>Finally we established that the current general legal context was out-of-date and not adapted to handle the new risks that WLAN had brought. Further on the result also showed a increased usage of security amongst WLAN in the community and that the main reason for this was the younger WLAN owners. Younger users also turned out to have higher security awareness, than older users, and particularly very high technical knowledge.</p> Wireless local area network security awareness WLAN trådlöst nätverk säkerhetsmedvetande Wardriving Informatics and systems science Informatik och systemvetenskap
20	Allmänhetens säkerhetsmedvetenhet med avseende på trådlös kommunikation Wallin, Andreas, Rubensson, Jonas, Iggstrand, Alexander January 2014 (has links) Offentliga trådlösa nätverk finns idag mer tillgängliga än någonsin. Samtidigt haralla dessa nätverk något gemensamt – de går alla att avlyssna och risken finns attanvändarens information kan komma i fel händer. Uppsatsen behandlarallmänhetens säkerhetsmedvetenhet med avseende på denna typ av nätverk genomtvå undersökningar. Den första undersökningen sker via ett tekniskt experiment därdet på flera geografiska platser har erbjudits ett trådlöst nätverk till allmänheten. Pådetta nätverk har det i realtid getts möjligheten att bedöma användarnassäkerhetsmedvetenhet genom att analysera deras nätverkstrafik. Den andraundersökningen sker via en enkät för att få ett resultat från ett teoretiskt perspektiv,hur användarna tror sig agera vid användning av ett sådant nätverk. Således ger denen inblick i den kunskap och säkerhetsmedvetenhet människor i allmänhet tror sigbesitta.Resultaten från undersökningarna tyder på att människors säkerhetsmedvetenhetkan och bör förbättras. Ett första steg är ytterligare utbildning angående de riskersom existerar och hur man undviker dem, något som tas upp i denna uppsats. / Public wireless networks are more available than ever. The networks all havesomething in common—they can be tapped in to, which poses the risk of sensitiveuser information being compromised. This research paper explores the public’ssecurity awareness with regards to public wireless networks by two differentmethods. One technical experiment in which, access to a public wireless networks inseveral different locations were offered. This allowed us to, in real-time, assess thesafety awareness of the users of our public wireless network, by analyzing theirnetwork traffic. The second was a survey, which were distributed to our sample ofpeople. It asked the sample questions about how they perceive their own behavioron a public wireless network. Thus, the survey allowed us to get an idea of theknowledge and the security awareness the public in general believe that they have.The results from our research indicate that people’s security awareness can andshould be improved. One first step towards improvement would be educationconcerning the risks that exist and how to avoid them, which is something that will be brought up in this paper. Security awareness Wireless network Eavesdropping Network traffic Säkerhetsmedvetenhet Trådlösa nätverk Avlyssning Nätverkstrafik

Search results