A vocabulary test to assess information security awareness

Information Management & Computer Security

Volumn 18, Issue 5, 2010, Pages 316-327

  Kruger, Hennie ^a   Drevin, Lynette ^a   Steyn, Tjaart ^a  

^a NORTH WEST UNIVERSITY   (South Africa)

Author keywords

Cognition; Data security; Language; Semantics; Tests and testing

Indexed keywords

BEST-PRACTICES; CLASS GROUP; COGNITION; COGNITIVE PSYCHOLOGY; DATA SECURITY; DESIGN/METHODOLOGY/APPROACH; HUMAN BEHAVIORS; INFORMATION SECURITY; INFORMATION SECURITY AWARENESS; LANGUAGE; NEW APPROACHES; PROTECT INFORMATION; ROLES AND RESPONSIBILITIES; SECURITY AWARENESS; TESTS AND TESTING; TWO SECTION;

BEHAVIORAL RESEARCH; RATING; SEMANTICS; SURVEYS; TESTING;

SECURITY OF DATA;

EID: 78650328614     PISSN: 09685227     EISSN: None     Source Type: Journal    
DOI: 10.1108/09685221011095236     Document Type: Article

References (18)

1. Dhillon, G. (1999), “Managing and controlling computer misuse”, Information Management & Computer Security, Vol. 7 No. 4, pp. 171-5.
2. Furnell, S.M., Bryant, P. and Phippen, A.D. (2007), “Assessing the security perceptions of personal internet users”, Computers and Security, Vol. 26 No. 5, pp. 410-417.
3. Kruger, H.A., Drevin, L. and Steyn, T. (2010), “The use of an information security vocabulary test to assess information security awareness – an exploratory study”, in Ed. Clarke, N., Ed. Furnell, S. and Ed. von Solms, R. (Eds), Proceedings of the South African Information Security Multi-Conference, Port Elizabeth, South Africa 17-18 May, Centre for Security, Communications & Network Research, University of Plymouth, Plymouth.
4. Maseti, O. and Pottas, D. (2006), “A role-based security awareness model for South African hospitals”, Proceedings of the 6th Annual Information Security South Africa Conference, Sandton, South Africa, 5-7 July.
5. Mullis, I.V.S., Martin, M.O. and Foy, P. (2005), IEA's TIMMS 2003, International Report on Achievement in the Mathematics Cognitive Domains, International Association for the Evaluation of Educational Achievement (IEA), Boston college, Boston, MA.
6. Pentasafe Security Technologies (2002), Security Awareness Index Report: The State of Security Awareness among Organizations Worldwide, Pentasafe Security Technologies, Farnham.
7. Pfleeger, C.P. and Pfleeger, S.L. (2007), Security in Computing, 4th ed., Prentice-Hall, Upper Saddle River, NJ.
8. Price WaterhouseCoopers (2008), “Information security breaches survey”, Technical report, available at: www.security-survey.gov.uk (accessed 25 November 2009).
9. Robinson-Riegler, G. and Robinson-Riegler, B. (2008), Cognitive Psychology Applying the Science of Mind, Pearson, Boston, MA.
10. Russel, S. and Norvig, P. (1995), Artificial Intelligence: A Modern Approach, Prentice-Hall, Englewood Cliffs, NJ.
11. SANS (2005), E-mail Security Threats, SANS Institute Info Sec Reading Room, Bethesda, MA.
12. Schlienger, T. and Teufel, S. (2003), “Information security culture – from analysis to change”, South African Computer Journal, Vol. 31, pp. 46-52.
13. Slater, A. and Bremner, G. (2005), An Introduction to Developmental Psychology, Blackwell, Padstow.
14. van der Walt, M.S. (2008), “Aanpassing van die studie oriëntasievraelys in Wiskunde vir gebruik in die intermediêre fase”, PhD dissertation, North-West University, Potchefstroom.
15. van der Walt, M.S., Maree, K. and Ellis, S. (2008), “A mathematics vocabulary questionnaire for use in the intermediate phase”, South African Journal of Education, No. 28, pp. 489-504.
16. van Niekerk, J.F. (2005), “Establishing an information security culture in organizations: an outcomes based education approach”, M dissertation, Nelson Mandela Metropolitan University, Port Elizabeth.
17. van Niekerk, J.F. and von Solms, R. (2004), “Corporate information security education: is outcomes based education the solution?”, paper presented at the 10th IFIP WG11.1 Annual Working Conference on Information Security Management, World Computer Congress (WCC), Toulouse.
18. von Solms, R. (1998), “Information security management (3): the code of practice for information security management (BS7799)”, Information Management & Computer Security, Vol. 6 No. 5, pp. 224-5.