Phishing and Organisational Learning

Abstract : The importance of addressing the human aspect in information security has grown over the past few years. One of the most frequent techniques used to obtain private or confidential information from humans is phishing. One way to combat these phishing scams is to have proper security awareness programs in place. In order to enhance the awareness and educational value of information security awareness programs, it is suggested that an organisational learning model, characterised by so called single-loop and double-loop learning, be considered. This paper describes a practical phishing experiment that was conducted at a large organisation and shows how a learning process was initiated and how security incidents such as phishing can be used successfully for both single and double-loop learning.
Type de document :
Communication dans un congrès
Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.379-390, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_28〉
Liste complète des métadonnées

Littérature citée [20 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01463839
Contributeur : Hal Ifip <>
Soumis le : jeudi 9 février 2017 - 17:24:15
Dernière modification le : jeudi 9 février 2017 - 17:37:19
Document(s) archivé(s) le : mercredi 10 mai 2017 - 14:53:34

Fichier

978-3-642-39218-4_28_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Wayne Kearney, Hennie Kruger. Phishing and Organisational Learning. Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.379-390, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_28〉. 〈hal-01463839〉

Partager

Métriques

Consultations de la notice

27

Téléchargements de fichiers

35