A Corporate Employee as a Subject of Corporate Information Security Management
A contradiction is revealed between the rise in the number of information security incidents in companies through the fault of employees and the stable inefficiency of measures taken by employers to reduce these incidents. It is concluded that there is a lack of attention on the part of scientists t...
Saved in:
Published in | Scientific and technical information processing Vol. 47; no. 2; pp. 113 - 118 |
---|---|
Main Author | |
Format | Journal Article |
Language | English |
Published |
Moscow
Pleiades Publishing
01.04.2020
Springer Nature B.V |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | A contradiction is revealed between the rise in the number of information security incidents in companies through the fault of employees and the stable inefficiency of measures taken by employers to reduce these incidents. It is concluded that there is a lack of attention on the part of scientists to the current trends in corporate management (quality, personnel, knowledge, and risk management) that consists in more active participation of employees in managerial processes. The need for strengthening the role of the user of a corporate information system as a subject involved in managing its information security is substantiated based on the example of detecting social engineering attacks. The organizational, hardware, and software tools for engaging the user in this process are described. |
---|---|
ISSN: | 0147-6882 1934-8118 |
DOI: | 10.3103/S0147688220020069 |