Toward a New Meta-Theory for Designing Information Systems (IS) Security Training Approaches

  title={Toward a New Meta-Theory for Designing Information Systems (IS) Security Training Approaches},
  author={Mari Karjalainen and Mikko T. Siponen},
  journal={J. Assoc. Inf. Syst.},
Research Article 

Figures and Tables from this paper

Organizational Factors that Influence Information Security in State Corporations: A Case Study of Kenya National Highways Authority

A Research Project by Kihara Peter Karichu Submitted to the Chandaria School of Business in Partial Fulfillment of the Requirement for the Degree of Masters in Business Administration (MBA)

Information Security Culture: Fusion of Professional and Personal Lives

This annotated bibliography explores the core values organizations must possess in order to implement information security cultures that incorporate information security awareness and develop

An Examination of User Detection of Business Email Compromise Amongst Corporate Professionals

iv Acknowledgements vi List of Tables ix List of Figures x

Identifying Unethical Personally Identifiable Information (PII) Privacy Violations Committed by IS/IT Practitioners: A Comparison to Computing Moral Exemplars

The author states that the aim of this book was to provide a history of quantitative analysis of the determinants of infectious disease and its effects in the literature.

Behavioral Information Security Management

Although technical efforts are important, individuals within the organization remain the weakest link in the defense against both internal and external threats.

Information and Cyber Security: 18th International Conference, ISSA 2019, Johannesburg, South Africa, August 15, 2019, Proceedings

Cost saving information security initiatives are identified and a framework is proposed for organizational and behavioral change in technical human resources, to better address information security concerns.

A Descriptive Review and Classification of Organizational Information Security Awareness Research

The results show that ISA research is evolving with behavioral research studies still being explored and Quantitative empirical research is the dominant methodology and the top three theories used are general deterrence theory, theory of planned behavior, and protection motivation theory.

Designing for Knowledge Based Cyber-Security - Episode 1: What Should We Teach?

An exhaustive literature review is helped to build a foundation for developing training based interventions, grounded on strong behavioral models, taking a knowledge management view to foster behavioral change by supplying relevant knowledge entities.

Information Security Policy Compliance: A User Acceptance Perspective

This study adapts the Technology Acceptance Model (TAM) to examine users’ behavioral intention to comply with ISPs and the impact of information security awareness on behavioral intentions to comply is considered.

Exploring the Effect of Knowledge Transfer Practices on User Compliance to IS Security Practices

The results of this study suggest that users may be contributors to the transfer of IS security policies when provided with an opportunity to participate in the development of an IS security awareness and training program.



Cultivating an organizational information security culture

A Constructive Approach to Information Systems Security Training: An Action Research Experience

A theoretically grounded approach to IS security training based on constructivism is described and the results show that the approach has a positive impact on employees’ security behavior.

Promoting security awareness and commitment

This paper traces the history of computer security, how commitment was built and the security awareness initiatives which were rolled out and a case study of a major Australian organization.

Implementing Information Security In The 21st Century Do You Have the Balancing Factors?

Making sense of experiential learning : diversity in theory and practice

Making sense coming to know creating new possibilities for learning empowering and transforming looking forward.

Information System Security Training: Making it Happen, Part 2

A framework to help develop an information system security training program that will match your organization's needs is described.

A Design Theory for Secure Information Systems Design Methods

Design theory is used to develop a SIS design theory framework that defines six requirements for Sis design methods, and it is shown how known S IS design methods fail to satisfy these requirements.

Information security awareness: educating your users effectively

Techniques borrowed from the field of social psychology, which have been largely ignored in current awareness programs, are highlighted in order to show how they could be utilized to improve the effectiveness of the awareness program.

Information System Security Training: Making It Happen: Part 2 of 2

A framework to help develop an information system security training program that will match your organization's needs is described.

Security Actions During Reduction in Workforce Efforts: What To Do When Downsizing

  • T. Bray
  • Computer Science
    Inf. Secur. J. A Glob. Perspect.
  • 2002
A successful information security program is a continuous improvement project involving people, processes, and technology, all working in unison.