Security Awareness Management: Implementing Security in Business Processes by Management Education

vom, Brocke J; Buddendick C

Security Awareness Management: Implementing Security in Business Processes by Management Education

vom Brocke J; Buddendick C

Zusammenfassung
The implementation of secure business processes has become a vital necessity for companies, nowadays. Security issues have been especially covered with regard to IT-security. Comprehensive technical means are available, promising to guarantee security. Actual studies show that despite of implementing these technical solutions, security threats are still evolving when performing business processes in everyday work life. Human interactions in information systems count up for most of these threats. In order to raise security awareness of employees, management education can have a significant contribution. In this paper, we develop a general model for the implementation of security by means of management education based on findings in the field of IT-security management. These findings are based on behavioural science and used to develop a process model for controlling security awareness with an educational approach. To evaluate the model, we present a case study by applying the model in practice. By means of that, we finally derive conclusions and lessons learned from a management perspective as well as from a researcher's point of view.

Schlüsselwörter
Security Awareness Management

Publikationstyp

Forschungsartikel (Zeitschrift)

Begutachtet

Ja

Publikationsstatus

Veröffentlicht

Jahr

2007

Fachzeitschrift

International Journal of Information and Operations Management Education

Band

2

Ausgabe

2

Erste Seite

117

Letzte Seite

117

ISSN

1744-2303

DOI

https://doi.org/10.1504/IJIOME.2007.015278