Publication details

Home Publication details

Promoting security awareness and training within small organisations
Furnell SM, Gennatou M, Haskell-Dowland PS (Dowland PS)
Proceedings of the First Australian Information Security Management (AISM) Workshop, Geelong, Australia, 7 November, 2000
Download links:  Download PDF

Information systems security is a critical issue for all organisations with a significant dependence upon information technology. However, it is a requirement that is often difficult to address, particularly within small organisations, as a result of a lack of resources and expertise. This paper identifies the need for security awareness and describes the prototype implementation of a software tool that enables individuals to pursue self-paced security training. The tool provides an environment that permits the user to simulate the introduction of security into a number of pre-defined case study scenarios. This enables staff to become familiar with the types of countermeasures available, the situations in which they are appropriate and any constraints that they may impose. This would be particularly valuable in small organisations where specialist knowledge is often scarce and issues need to be addressed by existing staff.

Furnell SM, Gennatou M, Haskell-Dowland PS (Dowland PS)