Information Security Awareness资讯安全认知

1、1编辑pptInformation Security Awareness資訊安全認知資訊安全認知2编辑ppt2Elicitation of Research TopicsInformation SecurityAwarenessNational InformationSecurity ProjectING InformationSecurity Project3编辑ppt3Information Security PlatformInformation Technology, Learning, and Performance Journal 4编辑ppt4Problems Why ING n

2、eeds the information security platform ? What are the differences between e-learning and information security platform ?5编辑ppt5Systems Development inInformation Systems ResearchJAY F. NUNAMAKER, JR., MINDER CHEN, and TITUS D. M. PURDINJournal of Management Information Systems I Winter 1990-91, Vol.

3、7, No, 3, pp. 89-106.6编辑ppt6The Integrated Framework of Information Security AwarenessInformation Security Awareness PlatformEvaluation of OrganizationalInformation Security Awareness Materials and Methods for Information Security Awareness7编辑ppt7Situation Awareness 決策行為成效情 境 認 知 未來預測 Level 3 現況了解 L

4、evel 2元素知覺Level 1系統功能介面設計壓力/工作負荷複雜度自動化目標預期環境狀況 能力 經驗 訓練個人因素作業或系統 因素 長期記憶自動性資訊處理機制Endsley, M.R. and Garland D.J (Eds.) (2000)Situation Awareness Analysis and Measurement. Mahwah , NJ：Lawrence Erlbaum Associates, 8编辑ppt8Research DesignWhat is your opinion?9编辑ppt9The Evaluation Form of Information Secu

5、rity Awareness PART I: Laws and Regulations1.1 Laws and Regulations 1.1.1 I understand the meaning of the basic policy structure for IT security in the Federal government in the concept of Laws and Regulations.1.2 Policies and Procedures1.2.1 I understand the meaning of IT security safeguards are in

6、tended to achieve specific control objectives in the concept of Policies and Procedures.1.2.2 I understand the meaning of procedures define the technical and procedural safeguards that have been implemented to enforce the specified policies in the concept of Policies and Procedures.10编辑ppt10NIST SP8

7、00-16ABCs OF INFORMATION TECHNOLOGY SECURITYAAssets Something of value requiring protection (hardware, software, data, reputation)BBackup The three most important safeguards backup, backup, backupCCountermeasures and Controls Prevent, detect, and recover from security incidentsDDAA and Other Officia

8、ls Manage and accept risk and authorize the system to operateEEthics The body of rules that governs an individuals behavior.FFirewalls and Separation of Duties Minimize the potential for “incident encroachment”GGoals Confidentiality, Integrity, and Availability (CIA)11编辑ppt11Research DesignWhat is your opinion?12编辑ppt12Conclusion Research topics elic