Access the full text.
Sign up today, get DeepDyve free for 14 days.
K. Ringdal
Enhet og mangfold: samfunnsvitenskapelig forskning og kvantitativ metode (in Norwegian) (Unity and Diversity: Social Science and Quantitative Methods)
A. Wang, Ken Yetsko (2005)
Building reusable information security courseware
J. Hagen, E. Albrechtsen (2009)
Effects on employees' information security abilities by e-learningInf. Manag. Comput. Secur., 17
J. Hagen
How do employees comply with security policy? A comparative case study of four organizations under the Norwegian Security Act
G. Yukl (2009)
Leading organizational learning: Reflections on theory and researchLeadership Quarterly, 20
L. Goldenhar, P. Schulte (1994)
Intervention research in occupational health and safety.Journal of occupational medicine. : official publication of the Industrial Medical Association, 36 7
K. Rantos, Konstantinos Fysarakis, C. Manifavas (2012)
How Effective Is Your Security Awareness Program? An Evaluation MethodologyInformation Security Journal: A Global Perspective, 21
T. Kristensen (2005)
Intervention studies in occupational epidemiologyOccupational and Environmental Medicine, 62
R. Brody, William Brizzee, Lewis Cano (2012)
Flying under the radar: social engineeringInternational Journal of Accounting and Information Management, 20
J. Hagen (2009)
Human Relationships: A Never-Ending Security Education Challenge?IEEE Security & Privacy, 7
I. Nonaka, H. Takeuchi (1995)
The Knowledge-Creating Company: How
B. Schneier (2000)
Secrets and Lies: Digital Security in a Networked World
Benjamin Cone, C. Irvine, M. Thompson, Thuy Nguyen (2007)
A video game for cyber security training and awarenessComput. Secur., 26
D. Waldman, Yair Berson, R. Keller (2006)
Leadership and organizational learningLeadership Quarterly, 20
J. Hagen, C. Irvine, A. Thompson
A preliminary study of barriers to engagement in cybersiege
C. Argyris, Donald Schön (1978)
Organizational Learning: A Theory Of Action Perspective
ENISA
Information Security Awareness Initiatives: Current Practice and the Measurement of Success
L. Robson, H. Shannon, L. Goldenhar, A. Hale (2001)
Guide to Evaluating the Effectiveness of Strategies for Preventing Work Injuries: How to Show Whether a Safety Intervention Really Works
E. Albrechtsen (2008)
Friend or foe? Information security management of employees
E. Schultz (2005)
The human factor in securityComput. Secur., 24
R. Garris, R. Ahlers, J. Driskell (2002)
Games, Motivation, and Learning: A Research and Practice ModelSimulation & Gaming, 33
Guillaume Denis, P. Jouvelot (2005)
Motivation-driven educational game design: applying best practices to music education
P. Ward, C. Smith (2002)
The Development of Access Control Policies for Information Technology SystemsComput. Secur., 21
J. Brown, P. Duguid (1991)
Organizational Learning and Communities-of-Practice: Toward a Unified View of Working, Learning, and InnovationOrganization Science, 2
I. Nonaka, H. Takeuchi
The Knowledge Creating Company
M. Rentroia-Bonito, J. Jorge, C. Ghaoui (2006)
Motivation to E-Learn Within Organizational Settings: An Exploratory Factor StructureInt. J. Distance Educ. Technol., 4
Torgeir Dingsøyr, N. Moe (2008)
The Impact of Employee Participation on the Use of an Electronic Process Guide: A Longitudinal Case StudyIEEE Transactions on Software Engineering, 34
K. Weick (1991)
The Nontraditional Quality of Organizational LearningOrganization Science, 2
Purpose – The purpose of this paper is to measure and discuss the long‐term effects of an e‐learning tool aiming at improving the information security knowledge, awareness, and behaviour of employees. Design/methodology/approach – The intervention study had two assessments of knowledge and attitudes among employees: one survey, one week before the intervention, and one survey eight months after the intervention. The population was divided into an intervention group and a control group, where the only separated the groups was participation in the intervention (i.e. the e‐learning tool). Findings – The study documents that the effects of the intervention on security awareness and behavior partly remains more than half a year after the intervention, but that the detailed knowledge on information security issues diminished during the period. The study also discusses how such courseware can contribute to long‐term organizational learning compared with human interventions such as action research. Both human resource management and internal promotion are necessary input in the process to successfully educate and train employees in information security. Research limitations/implications – One weakness of concern is the low response rate of 37 in the final analysis. Practical implications – The study can document that short‐time effects of software supported information security awareness on employees' knowledge, behaviour, and awareness diminish over time. It is thus important to maintain and continually perform information security awareness. More interventions studies, following the same principles as presented in this paper, of other user‐directed measures is needed, to test and document the effects of different measures. Originality/value – The paper is innovative in the area of information security research as it shows how an information security intervention can be measured.
Information Management & Computer Security – Emerald Publishing
Published: Jul 19, 2011
Keywords: Information security; E‐learning; Awareness; Behaviour; Intervention study; Organizational learning
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.