Information security vulnerability in an Iranian context from human perspective(electrical industry)
Information security is about confidentiality, integrity and availability of the data and due to complexity of human resources the information security is always in danger of the internal threat. This study is an attempt to illustrate the importance of the human factor as an inter-organizational thr...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2013
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/48221/1/MalahatPouransafarMFC2013.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Information security is about confidentiality, integrity and availability of the data and due to complexity of human resources the information security is always in danger of the internal threat. This study is an attempt to illustrate the importance of the human factor as an inter-organizational threat that may contribute in information security breach. The objectives of this research are to identify the human factors that may cause the information security vulnerability in Iranian electrical industry, to suggest a conceptual framework, as well as to suggest some practical solutions to deal properly with human factor and mitigate the rate of information security vulnerability in Iranian electrical industry. This research proposes a model to illustrate important human factors that may contribute in information security vulnerability. The author conducts 20 asynchronous online interviews with IT managers and their staff in IT departments of the Iranian Electrical industry. According to the findings, lack of training, lack of team working skill, having no control on emotions , having different risk perceptions, improper attitudes, improper risk communication and having demotivated staff are recognized as the significant reasons of information security vulnerability from the human angel within the Iranian electrical industry. The respondents of the study suggested some practical solutions to deal properly with human factor and mitigate the rate of information security vulnerability in Iranian electrical industry. |
|---|