A prototype tool for information security awareness and training |
Information systems security is a critical issue for all organisations with a significant<br />
Furnell SM, Gennatou M, Haskell-Dowland PS (Dowland PS)
dependence upon information technology. However, it is a requirement that is often<br />
difficult to address, particularly within small organisations, as a result of a lack of<br />
resources and expertise. This paper identifies the need for security awareness and<br />
describes the prototype implementation of a software tool that enables individuals to<br />
pursue self-paced security training. The tool provides an environment that permits the<br />
user to simulate the introduction of security into a number of pre-defined case study<br />
scenarios. This enables staff to become familiar with the types of countermeasures<br />
available, the situations in which they are appropriate and any constraints that they<br />
may impose. This would be particularly valuable in small organisations where<br />
specialist knowledge is often scarce and issues need to be addressed by existing staff.