There is a large number of information security awareness programs (iSAP) found in the literature with multiple approaches. Considering that the number of security breaches performed by insiders is as high as 48%, the effectiveness of such programs is questionable. This leaves a considerable space for external, but also internal criminals, to perform and succeed in their attacks, something that can cause heavy losses (both economical and less tangible as reputation) to organizations. This thesis decided to study some of those iSAP to see their strengths and weaknesses. After studying the approaches in focus for this thesis, and following an inductive research method, a new model to develop iSAP from a holistic point of view was presented. The solution has been aligned with subject matter experts (SME) at “Company X” and with end-users external to that company. The model is now ready to be studied empirically in organizations to evaluate its effectiveness.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:kth-48050 |
| Date | January 2011 |
| Creators | Rydefelt Calatayud, Leonor |
| Publisher | KTH, Skolan för informations- och kommunikationsteknik (ICT) |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
| Relation | Trita-ICT-EX ; 173 |
Page generated in 0.024 seconds