This thesis has contributed to academia by looking at what to include in a security awareness strategy, and how to apply this to industries, as this has not been done before. For this a case study and semi-structured interviews with security professionals/responsible, knowledgeable of industries have been performed. The result emphasize five steps: knowledge, motivation, communication, learning/ training and evaluation, by teaching knowledge at different levels, consider PMT factors, choose the right communication aspects, use interactive/context based learning activities and to evaluate knowledge, behavior and attitude. When applied to industries, the study highlights the industrial culture, like customized knowledge, communication/learning activities that are relatable and don’t hinder industry workers, and finally to evaluate attitudes. This study's limitations and research recommendation could be the lack of fieldwork. However the findings also contribute to practice, given their real-life settings application potential, such as the generated security awareness model of this thesis.
Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:umu-197533 |
Date | January 2022 |
Creators | Lund, Mira |
Publisher | Umeå universitet, Institutionen för informatik |
Source Sets | DiVA Archive at Upsalla University |
Language | English |
Detected Language | English |
Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
Format | application/pdf |
Rights | info:eu-repo/semantics/openAccess |
Relation | Informatik Student Paper Master (INFSPM) ; SPM 2022.10 |
Page generated in 0.0017 seconds