Phishing and Organisational Learning

Abstract : The importance of addressing the human aspect in information security has grown over the past few years. One of the most frequent techniques used to obtain private or confidential information from humans is phishing. One way to combat these phishing scams is to have proper security awareness programs in place. In order to enhance the awareness and educational value of information security awareness programs, it is suggested that an organisational learning model, characterised by so called single-loop and double-loop learning, be considered. This paper describes a practical phishing experiment that was conducted at a large organisation and shows how a learning process was initiated and how security incidents such as phishing can be used successfully for both single and double-loop learning.
Document type :
Conference papers
Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.379-390, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_28〉
Liste complète des métadonnées

Cited literature [20 references]  Display  Hide  Download

https://hal.inria.fr/hal-01463839
Contributor : Hal Ifip <>
Submitted on : Thursday, February 9, 2017 - 5:24:15 PM
Last modification on : Thursday, February 9, 2017 - 5:37:19 PM
Document(s) archivé(s) le : Wednesday, May 10, 2017 - 2:53:34 PM

File

978-3-642-39218-4_28_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Wayne Kearney, Hennie Kruger. Phishing and Organisational Learning. Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.379-390, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_28〉. 〈hal-01463839〉

Share

Metrics

Record views

24

Document downloads

25