SlideShare uma empresa Scribd logo

Jonas hallberg. securit

Transferir como PPTX, PDF
NordForsk
NordForsk

New Trends in Societal Security research in the Nordic countries 26 - 27 November 2014 in Stockholm

Ciências
1 de 13
Security culture and information technology, SECURIT Teodor Sommestad Jonas Hallberg www.foi.se/securit
Information security? • Secure information assets … • Administrative security, physical security, IT security1 • The right information to the right entity on time Alice 1. SIS. (2007). SIS HB 550: Terminologi för informationssäkerhet, utgåva 3. SIS Förlag. www.foi.se/securit Bob MKG PMKG KPubl Kpriv
Organization, human, and technology Organization with individuals www.foi.se/securit ISMS Information security culture Education, training, and exercises Compliance Access control Technology Protection against malware Intrusion prevention Intrusion detection Logging
Motivation • The need for improved information security • Security culture is vital for information security • SECURIT studies: • security‐relevant characteristics of humans and organizations • the effects of applied social measures www.foi.se/securit
What is culture? Hoefstede: “culture is the collective programming of the mind that distinguishes the members of one group or category of people from another”. www.foi.se/securit Edgar Schein:
The SECURIT research consortium www.foi.se/securit
The SECURIT program, 2012-2017 Psychology Information security culture Cognitive science www.foi.se/securit Philosophy Informatics Political science Cyber security Information security culture: Shared patterns of thought, behaviour, and values that arise and evolve within a social group, based on communicative processes influenced by internal and external requirements, are conveyed to new members and have implications on information security.
The research projects in SECURIT www.foi.se/securit
Themes addressed in User acceptance of information security policies • Theme 1: Factors influencing the compliance with information security policies and similar security-related behavior within organizations • Theme 2: The risk perceptions of individuals and groups and the relationship between information security risk perceptions, policies, and compliance • Theme 3: Information security incident models and the effect on the information security of organizations www.foi.se/securit
Theme 1: Protection Motivation Theory Rewards Coping appraisal Response efficacy Self-efficacy Response cost 0.19 (only one study) 0.17 to 0.30 0.34 to 0.40 0.38 to 0.40 -0.40 to -0.28 www.foi.se/securit Intention R2=0.37 to 0.42 Behavior Threat appraisal Severity Vulnerability 0.18 to 0.31 • It matters if it is: • Compliance or secure behavior • Threats to you or threats to others • Generic or specific behavior Sommestad, Teodor, Henrik Karlzén and Jonas Hallberg, “A Meta-Analysis of Studies on Protection Motivation Theory and Information Security Behavior”
Theme 1: Theory of planned behavior www.foi.se/securit Intention Behaviour Attitude Subjective Norm Percieved Behaviour Control R2=0.42 R2=0.25-31 Actual Behaviour Control E.g., I find it meaningful to follow the rules? Were the rules 0.48 actually followed? 0.52 0.45 E.g., my friends think I should follow the rules? E.g., I have the ability to do what the rules says? E.g., I intend to follow the rules? 0.83 0.35 How difficult it actually is? Sommestad, Teodor, and Jonas Hallberg. 2013. “A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance”
Theme 2: How do people do their information security risk calculations? Weinstein, N D. 2000. “Perceived Probability, Perceived Severity, and Health- Protective Behavior.” Health Psychology : Official Journal of the Division of Health Psychology, American Psychological Association 19 (1) (January): 65–74. www.foi.se/securit
SECURIT project managers • Security culture: Sven Ove Hansson, KTH • User acceptance of information security policies: Teodor Sommestad, FOI • Attitude, culture, and information security: Anders Pousette, Göteborgs universitet • Discourse and security practice: Peter Johansson, Göteborgs universitet • Balanced IT-based Organizational development: Jonas Landgren, Göteborgs universitet/Chalmers • ATTITUDE: Joachim Åström, Örebro universitet • INTERORG: Frans Prenkert, Örebro universitet • CONGRUENCE: Karin Axelsson, Linköpings universitet www.foi.se/securit

Recomendados

IT Security Architecture & Leadership, 03 - 06 March 2019 Dubai, UAE
IT Security Architecture & Leadership, 03 - 06 March 2019 Dubai, UAEIT Security Architecture & Leadership, 03 - 06 March 2019 Dubai, UAE
IT Security Architecture & Leadership, 03 - 06 March 2019 Dubai, UAE
360 BSI
 
IT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAE
IT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAEIT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAE
IT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAE
360 BSI
 
Internet of things: A beginners' guide
Internet of things: A beginners' guideInternet of things: A beginners' guide
Internet of things: A beginners' guide
Amala Putrevu
 
Cybersecurity Management Principles, 11 - 14 Sept 2017 KL, Malaysia / 17 - 20...
Cybersecurity Management Principles, 11 - 14 Sept 2017 KL, Malaysia / 17 - 20...Cybersecurity Management Principles, 11 - 14 Sept 2017 KL, Malaysia / 17 - 20...
Cybersecurity Management Principles, 11 - 14 Sept 2017 KL, Malaysia / 17 - 20...
360 BSI
 
Cybersecurity Management Principles, 12 - 15 Nov 2017 Dubai, UAE
Cybersecurity Management Principles, 12 - 15 Nov 2017 Dubai, UAECybersecurity Management Principles, 12 - 15 Nov 2017 Dubai, UAE
Cybersecurity Management Principles, 12 - 15 Nov 2017 Dubai, UAE
360 BSI
 
Resume harris 19x
Resume harris 19xResume harris 19x
Resume harris 19x
NickHarris84
 
Economics of Cyber Security
Economics of Cyber SecurityEconomics of Cyber Security
Economics of Cyber Security
Fernando Montenegro
 
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraWorkshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
IGN MANTRA
 

Recomendados

IT Security Architecture & Leadership, 03 - 06 March 2019 Dubai, UAE
IT Security Architecture & Leadership, 03 - 06 March 2019 Dubai, UAEIT Security Architecture & Leadership, 03 - 06 March 2019 Dubai, UAE
IT Security Architecture & Leadership, 03 - 06 March 2019 Dubai, UAE
360 BSI
 
IT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAE
IT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAEIT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAE
IT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAE
360 BSI
 
Internet of things: A beginners' guide
Internet of things: A beginners' guideInternet of things: A beginners' guide
Internet of things: A beginners' guide
Amala Putrevu
 
Cybersecurity Management Principles, 11 - 14 Sept 2017 KL, Malaysia / 17 - 20...
Cybersecurity Management Principles, 11 - 14 Sept 2017 KL, Malaysia / 17 - 20...Cybersecurity Management Principles, 11 - 14 Sept 2017 KL, Malaysia / 17 - 20...
Cybersecurity Management Principles, 11 - 14 Sept 2017 KL, Malaysia / 17 - 20...
360 BSI
 
Cybersecurity Management Principles, 12 - 15 Nov 2017 Dubai, UAE
Cybersecurity Management Principles, 12 - 15 Nov 2017 Dubai, UAECybersecurity Management Principles, 12 - 15 Nov 2017 Dubai, UAE
Cybersecurity Management Principles, 12 - 15 Nov 2017 Dubai, UAE
360 BSI
 
Resume harris 19x
Resume harris 19xResume harris 19x
Resume harris 19x
NickHarris84
 
Economics of Cyber Security
Economics of Cyber SecurityEconomics of Cyber Security
Economics of Cyber Security
Fernando Montenegro
 
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraWorkshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
IGN MANTRA
 
Data Ethics and Privacy.pdf
Data Ethics and Privacy.pdfData Ethics and Privacy.pdf
Data Ethics and Privacy.pdf
AmirKhan811717
 
Internet Research Ethics CSSWS2015 Tutorial
Internet Research Ethics CSSWS2015 TutorialInternet Research Ethics CSSWS2015 Tutorial
Internet Research Ethics CSSWS2015 Tutorial
Ka_Kinder
 
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
University of Sydney
 
BYOD: Beating IT's Kobayashi Maru
BYOD: Beating IT's Kobayashi MaruBYOD: Beating IT's Kobayashi Maru
BYOD: Beating IT's Kobayashi Maru
Michele Chubirka
 
From Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital RulesFrom Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital Rules
Rónán Kennedy
 
What are Ethics in Psychological Research.pdf
What are Ethics in Psychological Research.pdfWhat are Ethics in Psychological Research.pdf
What are Ethics in Psychological Research.pdf
sophiaamelia2525
 
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
Finni Rice
 
2 Security And Internet Security
2 Security And Internet Security2 Security And Internet Security
2 Security And Internet Security
Ana Meskovska
 
Professional Ethics In Computing
Professional Ethics In Computing Professional Ethics In Computing
Professional Ethics In Computing
Ayushsingh603799
 
An ABC of cyberethics
An ABC of cyberethicsAn ABC of cyberethics
An ABC of cyberethics
Yamith José Fandiño Parra
 
Emerging Technologies in Data Sharing and Analytics at Data61
Emerging Technologies in Data Sharing and Analytics at Data61Emerging Technologies in Data Sharing and Analytics at Data61
Emerging Technologies in Data Sharing and Analytics at Data61
Liming Zhu
 
Ethical Issues related to Information System Design and Use
Ethical Issues related to Information System Design and UseEthical Issues related to Information System Design and Use
Ethical Issues related to Information System Design and Use
university of education,Lahore
 
Ethical Issues related to Information System Design and Use
Ethical Issues related to Information System Design and UseEthical Issues related to Information System Design and Use
Ethical Issues related to Information System Design and Use
university of education,Lahore
 
ID IGF 2016 - Infrastruktur 3 - Security Governance Framework
ID IGF 2016 - Infrastruktur 3 - Security Governance FrameworkID IGF 2016 - Infrastruktur 3 - Security Governance Framework
ID IGF 2016 - Infrastruktur 3 - Security Governance Framework
IGF Indonesia
 
Bachelor of Science (Honours) Safety, Health and Environmental Man.docx
Bachelor of Science (Honours) Safety, Health and Environmental Man.docxBachelor of Science (Honours) Safety, Health and Environmental Man.docx
Bachelor of Science (Honours) Safety, Health and Environmental Man.docx
wilcockiris
 
Practical Advantages of a Security Educated Workforce
Practical Advantages of a Security Educated WorkforcePractical Advantages of a Security Educated Workforce
Practical Advantages of a Security Educated Workforce
Keyaan Williams
 
Ics 3210 information systems security and audit - edited
Ics 3210 information systems security and audit - editedIcs 3210 information systems security and audit - edited
Ics 3210 information systems security and audit - edited
Nelson Kimathi
 
Ethics & Privacy for Learning Analytics
Ethics & Privacy for Learning AnalyticsEthics & Privacy for Learning Analytics
Ethics & Privacy for Learning Analytics
Tore Hoel
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptx
soulscout02
 
Information security management.doc
Information security management.docInformation security management.doc
Information security management.doc
Avinash Avuthu
 
Radiskan presentation NordForsk
Radiskan presentation NordForskRadiskan presentation NordForsk
Radiskan presentation NordForsk
NordForsk
 
Guðrún Gísladóttir and Guðrún Pétursdóttir NORDRESS 26.nov. 2014
Guðrún Gísladóttir and Guðrún Pétursdóttir NORDRESS 26.nov. 2014Guðrún Gísladóttir and Guðrún Pétursdóttir NORDRESS 26.nov. 2014
Guðrún Gísladóttir and Guðrún Pétursdóttir NORDRESS 26.nov. 2014
NordForsk
 

Mais conteúdo relacionado

Semelhante a Jonas hallberg. securit

2 Security And Internet Security
2 Security And Internet Security2 Security And Internet Security
2 Security And Internet Security
Ana Meskovska
 
Ethical Issues related to Information System Design and Use
Ethical Issues related to Information System Design and UseEthical Issues related to Information System Design and Use
Ethical Issues related to Information System Design and Use
university of education,Lahore
 
Bachelor of Science (Honours) Safety, Health and Environmental Man.docx
Bachelor of Science (Honours) Safety, Health and Environmental Man.docxBachelor of Science (Honours) Safety, Health and Environmental Man.docx
Bachelor of Science (Honours) Safety, Health and Environmental Man.docx
wilcockiris
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptx
soulscout02
 

Semelhante a Jonas hallberg. securit (20)

Data Ethics and Privacy.pdf
Data Ethics and Privacy.pdfData Ethics and Privacy.pdf
Data Ethics and Privacy.pdf
 
Internet Research Ethics CSSWS2015 Tutorial
Internet Research Ethics CSSWS2015 TutorialInternet Research Ethics CSSWS2015 Tutorial
Internet Research Ethics CSSWS2015 Tutorial
 
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
 
BYOD: Beating IT's Kobayashi Maru
BYOD: Beating IT's Kobayashi MaruBYOD: Beating IT's Kobayashi Maru
BYOD: Beating IT's Kobayashi Maru
 
From Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital RulesFrom Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital Rules
 
What are Ethics in Psychological Research.pdf
What are Ethics in Psychological Research.pdfWhat are Ethics in Psychological Research.pdf
What are Ethics in Psychological Research.pdf
 
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
 
2 Security And Internet Security
2 Security And Internet Security2 Security And Internet Security
2 Security And Internet Security
 
Professional Ethics In Computing
Professional Ethics In Computing Professional Ethics In Computing
Professional Ethics In Computing
 
An ABC of cyberethics
An ABC of cyberethicsAn ABC of cyberethics
An ABC of cyberethics
 
Emerging Technologies in Data Sharing and Analytics at Data61
Emerging Technologies in Data Sharing and Analytics at Data61Emerging Technologies in Data Sharing and Analytics at Data61
Emerging Technologies in Data Sharing and Analytics at Data61
 
Ethical Issues related to Information System Design and Use
Ethical Issues related to Information System Design and UseEthical Issues related to Information System Design and Use
Ethical Issues related to Information System Design and Use
 
Ethical Issues related to Information System Design and Use
Ethical Issues related to Information System Design and UseEthical Issues related to Information System Design and Use
Ethical Issues related to Information System Design and Use
 
ID IGF 2016 - Infrastruktur 3 - Security Governance Framework
ID IGF 2016 - Infrastruktur 3 - Security Governance FrameworkID IGF 2016 - Infrastruktur 3 - Security Governance Framework
ID IGF 2016 - Infrastruktur 3 - Security Governance Framework
 
Bachelor of Science (Honours) Safety, Health and Environmental Man.docx
Bachelor of Science (Honours) Safety, Health and Environmental Man.docxBachelor of Science (Honours) Safety, Health and Environmental Man.docx
Bachelor of Science (Honours) Safety, Health and Environmental Man.docx
 
Practical Advantages of a Security Educated Workforce
Practical Advantages of a Security Educated WorkforcePractical Advantages of a Security Educated Workforce
Practical Advantages of a Security Educated Workforce
 
Ics 3210 information systems security and audit - edited
Ics 3210 information systems security and audit - editedIcs 3210 information systems security and audit - edited
Ics 3210 information systems security and audit - edited
 
Ethics & Privacy for Learning Analytics
Ethics & Privacy for Learning AnalyticsEthics & Privacy for Learning Analytics
Ethics & Privacy for Learning Analytics
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptx
 
Information security management.doc
Information security management.docInformation security management.doc
Information security management.doc
 

Mais de NordForsk

Mais de NordForsk (20)

Radiskan presentation NordForsk
Radiskan presentation NordForskRadiskan presentation NordForsk
Radiskan presentation NordForsk
 
Guðrún Gísladóttir and Guðrún Pétursdóttir NORDRESS 26.nov. 2014
Guðrún Gísladóttir and Guðrún Pétursdóttir NORDRESS 26.nov. 2014Guðrún Gísladóttir and Guðrún Pétursdóttir NORDRESS 26.nov. 2014
Guðrún Gísladóttir and Guðrún Pétursdóttir NORDRESS 26.nov. 2014
 
Ragnar andersson. towards an evidence based zero vision on residential
Ragnar andersson. towards an evidence based zero vision on residentialRagnar andersson. towards an evidence based zero vision on residential
Ragnar andersson. towards an evidence based zero vision on residential
 
Nina græger. the duty of care, protecting citizens abroad.
Nina græger. the duty of care, protecting citizens abroad.Nina græger. the duty of care, protecting citizens abroad.
Nina græger. the duty of care, protecting citizens abroad.
 
Lena näre. insecure lives
Lena näre. insecure livesLena näre. insecure lives
Lena näre. insecure lives
 
Lars nyberg cnds
Lars nyberg cndsLars nyberg cnds
Lars nyberg cnds
 
Kamrul hussein hu s arctic
Kamrul hussein hu s arcticKamrul hussein hu s arctic
Kamrul hussein hu s arctic
 
Fred størseth. new strains of society hidden, dynamic and emergent vulnerabil...
Fred størseth. new strains of society hidden, dynamic and emergent vulnerabil...Fred størseth. new strains of society hidden, dynamic and emergent vulnerabil...
Fred størseth. new strains of society hidden, dynamic and emergent vulnerabil...
 
Risto kunelius. security, privacy and trust, the legitimation challenge of th...
Risto kunelius. security, privacy and trust, the legitimation challenge of th...Risto kunelius. security, privacy and trust, the legitimation challenge of th...
Risto kunelius. security, privacy and trust, the legitimation challenge of th...
 
Peter burgess. digicom
Peter burgess. digicomPeter burgess. digicom
Peter burgess. digicom
 
Jo helle valle. homerisk
Jo helle valle. homeriskJo helle valle. homerisk
Jo helle valle. homerisk
 
Eija stark. roma and nordic societies historical security practices of the ma...
Eija stark. roma and nordic societies historical security practices of the ma...Eija stark. roma and nordic societies historical security practices of the ma...
Eija stark. roma and nordic societies historical security practices of the ma...
 
Thomas persson. persona, social capital, administrative traditions and crisis...
Thomas persson. persona, social capital, administrative traditions and crisis...Thomas persson. persona, social capital, administrative traditions and crisis...
Thomas persson. persona, social capital, administrative traditions and crisis...
 
Per lagræd. govcap
Per lagræd. govcapPer lagræd. govcap
Per lagræd. govcap
 
Magnus ekengern. crisis management cooperation in europe an empirical investi...
Magnus ekengern. crisis management cooperation in europe an empirical investi...Magnus ekengern. crisis management cooperation in europe an empirical investi...
Magnus ekengern. crisis management cooperation in europe an empirical investi...
 
Erik albrechtsen. nexus
Erik albrechtsen. nexusErik albrechtsen. nexus
Erik albrechtsen. nexus
 
w Norwegian strategy societal research and development per brekke dsb
w Norwegian strategy societal research and development per brekke dsbw Norwegian strategy societal research and development per brekke dsb
w Norwegian strategy societal research and development per brekke dsb
 
Points for summary, NordForsk conference 26-27 nov 14, Kenneth Pettersen
Points for summary, NordForsk conference 26-27 nov 14, Kenneth PettersenPoints for summary, NordForsk conference 26-27 nov 14, Kenneth Pettersen
Points for summary, NordForsk conference 26-27 nov 14, Kenneth Pettersen
 
NordForsk msb 2014nov27 lundstedt
NordForsk msb 2014nov27 lundstedtNordForsk msb 2014nov27 lundstedt
NordForsk msb 2014nov27 lundstedt
 
Tom Sorell, University of Warwick. partnership for conflict, crime and securi...
Tom Sorell, University of Warwick. partnership for conflict, crime and securi...Tom Sorell, University of Warwick. partnership for conflict, crime and securi...
Tom Sorell, University of Warwick. partnership for conflict, crime and securi...
 

Último

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Pests of mustard_Identification_Management_Dr.UPR.pdf
Pests of mustard_Identification_Management_Dr.UPR.pdfPests of mustard_Identification_Management_Dr.UPR.pdf
Pests of mustard_Identification_Management_Dr.UPR.pdf
PirithiRaju
 
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 bAsymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Sérgio Sacani
 
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Monika Rani
 
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
PirithiRaju
 
The Mariana Trench remarkable geological features on Earth.pptx
The Mariana Trench remarkable geological features on Earth.pptxThe Mariana Trench remarkable geological features on Earth.pptx
The Mariana Trench remarkable geological features on Earth.pptx
seri bangash
 
9999266834 Call Girls In Noida Sector 22 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 22 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 22 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 22 (Delhi) Call Girl Service
nishacall1
 
Module for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learningModule for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learning
levieagacer
 
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdfPests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
PirithiRaju
 
Connaught Place, Delhi Call girls :8448380779 Model Escorts | 100% verified
Connaught Place, Delhi Call girls :8448380779 Model Escorts | 100% verifiedConnaught Place, Delhi Call girls :8448380779 Model Escorts | 100% verified
Connaught Place, Delhi Call girls :8448380779 Model Escorts | 100% verified
Delhi Call girls
 

Último (20)

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Pests of mustard_Identification_Management_Dr.UPR.pdf
Pests of mustard_Identification_Management_Dr.UPR.pdfPests of mustard_Identification_Management_Dr.UPR.pdf
Pests of mustard_Identification_Management_Dr.UPR.pdf
 
Pulmonary drug delivery system M.pharm -2nd sem P'ceutics
Pulmonary drug delivery system M.pharm -2nd sem P'ceuticsPulmonary drug delivery system M.pharm -2nd sem P'ceutics
Pulmonary drug delivery system M.pharm -2nd sem P'ceutics
 
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 bAsymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
 
GBSN - Microbiology (Unit 1)
GBSN - Microbiology (Unit 1)GBSN - Microbiology (Unit 1)
GBSN - Microbiology (Unit 1)
 
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
 
FAIRSpectra - Enabling the FAIRification of Analytical Science
FAIRSpectra - Enabling the FAIRification of Analytical ScienceFAIRSpectra - Enabling the FAIRification of Analytical Science
FAIRSpectra - Enabling the FAIRification of Analytical Science
 
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
 
The Mariana Trench remarkable geological features on Earth.pptx
The Mariana Trench remarkable geological features on Earth.pptxThe Mariana Trench remarkable geological features on Earth.pptx
The Mariana Trench remarkable geological features on Earth.pptx
 
9999266834 Call Girls In Noida Sector 22 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 22 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 22 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 22 (Delhi) Call Girl Service
 
SAMASTIPUR CALL GIRL 7857803690 LOW PRICE ESCORT SERVICE
SAMASTIPUR CALL GIRL 7857803690 LOW PRICE ESCORT SERVICESAMASTIPUR CALL GIRL 7857803690 LOW PRICE ESCORT SERVICE
SAMASTIPUR CALL GIRL 7857803690 LOW PRICE ESCORT SERVICE
 
High Class Escorts in Hyderabad ₹7.5k Pick Up & Drop With Cash Payment 969456...
High Class Escorts in Hyderabad ₹7.5k Pick Up & Drop With Cash Payment 969456...High Class Escorts in Hyderabad ₹7.5k Pick Up & Drop With Cash Payment 969456...
High Class Escorts in Hyderabad ₹7.5k Pick Up & Drop With Cash Payment 969456...
 
Module for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learningModule for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learning
 
PSYCHOSOCIAL NEEDS. in nursing II sem pptx
PSYCHOSOCIAL NEEDS. in nursing II sem pptxPSYCHOSOCIAL NEEDS. in nursing II sem pptx
PSYCHOSOCIAL NEEDS. in nursing II sem pptx
 
Forensic Biology & Its biological significance.pdf
Forensic Biology & Its biological significance.pdfForensic Biology & Its biological significance.pdf
Forensic Biology & Its biological significance.pdf
 
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdfPests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
 
GBSN - Biochemistry (Unit 1)
GBSN - Biochemistry (Unit 1)GBSN - Biochemistry (Unit 1)
GBSN - Biochemistry (Unit 1)
 
Site Acceptance Test .
Site Acceptance Test .Site Acceptance Test .
Site Acceptance Test .
 
Thyroid Physiology_Dr.E. Muralinath_ Associate Professor
Thyroid Physiology_Dr.E. Muralinath_ Associate ProfessorThyroid Physiology_Dr.E. Muralinath_ Associate Professor
Thyroid Physiology_Dr.E. Muralinath_ Associate Professor
 
Connaught Place, Delhi Call girls :8448380779 Model Escorts | 100% verified
Connaught Place, Delhi Call girls :8448380779 Model Escorts | 100% verifiedConnaught Place, Delhi Call girls :8448380779 Model Escorts | 100% verified
Connaught Place, Delhi Call girls :8448380779 Model Escorts | 100% verified
 

Jonas hallberg. securit

  • 1. Security culture and information technology, SECURIT Teodor Sommestad Jonas Hallberg www.foi.se/securit
  • 2. Information security? • Secure information assets … • Administrative security, physical security, IT security1 • The right information to the right entity on time Alice 1. SIS. (2007). SIS HB 550: Terminologi för informationssäkerhet, utgåva 3. SIS Förlag. www.foi.se/securit Bob MKG PMKG KPubl Kpriv
  • 3. Organization, human, and technology Organization with individuals www.foi.se/securit ISMS Information security culture Education, training, and exercises Compliance Access control Technology Protection against malware Intrusion prevention Intrusion detection Logging
  • 4. Motivation • The need for improved information security • Security culture is vital for information security • SECURIT studies: • security‐relevant characteristics of humans and organizations • the effects of applied social measures www.foi.se/securit
  • 5. What is culture? Hoefstede: “culture is the collective programming of the mind that distinguishes the members of one group or category of people from another”. www.foi.se/securit Edgar Schein:
  • 6. The SECURIT research consortium www.foi.se/securit
  • 7. The SECURIT program, 2012-2017 Psychology Information security culture Cognitive science www.foi.se/securit Philosophy Informatics Political science Cyber security Information security culture: Shared patterns of thought, behaviour, and values that arise and evolve within a social group, based on communicative processes influenced by internal and external requirements, are conveyed to new members and have implications on information security.
  • 8. The research projects in SECURIT www.foi.se/securit
  • 9. Themes addressed in User acceptance of information security policies • Theme 1: Factors influencing the compliance with information security policies and similar security-related behavior within organizations • Theme 2: The risk perceptions of individuals and groups and the relationship between information security risk perceptions, policies, and compliance • Theme 3: Information security incident models and the effect on the information security of organizations www.foi.se/securit
  • 10. Theme 1: Protection Motivation Theory Rewards Coping appraisal Response efficacy Self-efficacy Response cost 0.19 (only one study) 0.17 to 0.30 0.34 to 0.40 0.38 to 0.40 -0.40 to -0.28 www.foi.se/securit Intention R2=0.37 to 0.42 Behavior Threat appraisal Severity Vulnerability 0.18 to 0.31 • It matters if it is: • Compliance or secure behavior • Threats to you or threats to others • Generic or specific behavior Sommestad, Teodor, Henrik Karlzén and Jonas Hallberg, “A Meta-Analysis of Studies on Protection Motivation Theory and Information Security Behavior”
  • 11. Theme 1: Theory of planned behavior www.foi.se/securit Intention Behaviour Attitude Subjective Norm Percieved Behaviour Control R2=0.42 R2=0.25-31 Actual Behaviour Control E.g., I find it meaningful to follow the rules? Were the rules 0.48 actually followed? 0.52 0.45 E.g., my friends think I should follow the rules? E.g., I have the ability to do what the rules says? E.g., I intend to follow the rules? 0.83 0.35 How difficult it actually is? Sommestad, Teodor, and Jonas Hallberg. 2013. “A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance”
  • 12. Theme 2: How do people do their information security risk calculations? Weinstein, N D. 2000. “Perceived Probability, Perceived Severity, and Health- Protective Behavior.” Health Psychology : Official Journal of the Division of Health Psychology, American Psychological Association 19 (1) (January): 65–74. www.foi.se/securit
  • 13. SECURIT project managers • Security culture: Sven Ove Hansson, KTH • User acceptance of information security policies: Teodor Sommestad, FOI • Attitude, culture, and information security: Anders Pousette, Göteborgs universitet • Discourse and security practice: Peter Johansson, Göteborgs universitet • Balanced IT-based Organizational development: Jonas Landgren, Göteborgs universitet/Chalmers • ATTITUDE: Joachim Åström, Örebro universitet • INTERORG: Frans Prenkert, Örebro universitet • CONGRUENCE: Karin Axelsson, Linköpings universitet www.foi.se/securit