Access the full text.
Sign up today, get DeepDyve free for 14 days.
Alexander McLeod, Diane Dolezel (2018)
Cyber-analytics: Modeling factors associated with healthcare data breachesDecis. Support Syst., 108
(2013)
ISO/IEC 27001 – Information security management systems — requirements
Melinda Lyons, Sally Adams, M. Woloshynowych, C. Vincent (2004)
Human reliability analysis in healthcare: A review of techniquesThe international journal of risk and safety in medicine, 16
M. Evans, L. Maglaras, Ying He, H. Janicke (2016)
Human behaviour as an aspect of cybersecurity assuranceSecur. Commun. Networks, 9
M. Evans, Ying He, I. Yevseyeva, H. Janicke (2018)
Analysis of Published Public Sector Information Security Incidents and Breaches to establish the Proportions of Human Error
Peter Mayer, Alexandra Kunz, M. Volkamer (2017)
Reliable Behavioural Factors in the Information Security ContextProceedings of the 12th International Conference on Availability, Reliability and Security
Tzipora Halevi, N. Memon, J. Levis, P. Kumaraguru, Sumit Arora, Nikita Dagar, F. Aloul, Jay Chen (2016)
Cultural and psychological factors in cyber-securityProceedings of the 18th International Conference on Information Integration and Web-based Applications and Services
D. Lacey (2010)
Understanding and transforming organizational security cultureInf. Manag. Comput. Secur., 18
H. Stewart, J. Jürjens (2017)
Information security management and the human aspect in organizationsInf. Comput. Secur., 25
J. Braband, H. Schäbe (2016)
Probability and security – pitfalls and chancesSafety and Reliability, 36
J. Rooksby, R. Gerry, Andrew Smith (2007)
Incident reporting schemes and the need for a good storyInternational journal of medical informatics, 76 Suppl 1
J. Williams (2015)
Heart—A Proposed Method for Achieving High Reliability in Process Operation by Means of Human Factors Engineering TechnologySafety and Reliability, 35
P. Cacciabue, G. Vella (2010)
Human factors engineering in healthcare systems: The problem of human error and accident managementInternational journal of medical informatics, 79 4
Evangelos Frangopoulos, M. Eloff, L. Venter (2014)
Human Aspects of Information Assurance: A Questionnaire-based Quantitative Approach to Assessment
Rinton Press, 13
Ying He, Chris Johnson (2015)
Improving the redistribution of the security lessons in healthcare: An evaluation of the Generic Security TemplateInternational journal of medical informatics, 84 11
P. Nguyen, C. Turkay, G. Andrienko, N. Andrienko, Olivier Thonnard, Jihane Zouaoui (2019)
Understanding User Behaviour through Action Sequences: From the Usual to the UnusualIEEE Transactions on Visualization and Computer Graphics, 25
(2018)
Information governance incidents closed
M. Evans, Ying He, L. Maglaras, I. Yevseyeva, H. Janicke (2019)
Evaluating information security core human error causes (IS-CHEC) technique in public sector and comparison with the private sectorInternational journal of medical informatics, 127
Reza Alavi, Shareeful Islam, H. Mouratidis (2016)
An information security risk-driven investment model for analysing human factorsInf. Comput. Secur., 24
M. Kyriakidis, Vivek Kant, Sulfikar Amir, V. Dang (2017)
Understanding human performance in sociotechnical systems – Steps towards a generic frameworkSafety Science
Ayako Komatsu, D. Takagi, T. Takemura (2013)
Human aspects of information security: An empirical study of intentional versus actual behaviorInf. Manag. Comput. Secur., 21
(2015)
RCA improving root cause analyses and actions to prevent harm
S. Choi, J. Martins, Igor Bernik (2018)
Information security: Listening to the perspective of organisational insidersJournal of Information Science, 44
(2018)
Data security incident trends
Efthymia Metalidou, C. Marinagi, P. Trivellas, Niclas Eberhagen, C. Skourlas, G. Giannakopoulos (2014)
The Human Factor of Information Security: Unintentional Damage Perspective☆Procedia - Social and Behavioral Sciences, 147
Tatsuo Asai, Aline Hakizabera (2010)
Human-Related Problems of Information Security in East African Cross-Cultural EnvironmentsInf. Manag. Comput. Secur., 18
Inho Hwang, Daejin Kim, Taeha Kim, Sanghyun Kim (2017)
Why not comply with information security? An empirical approach for the causes of non-complianceOnline Inf. Rev., 41
T. Chandler, J. Chang, A.J.M. Mosleb, R. Boring, D. Gertman (2006)
Human reliability analysis methods selection guidance for NASANational Aeronautics and Space Administration
S. Furnell, Warut Khern-am-nuai, R. Esmael, Weining Yang, Ninghui Li (2018)
Enhancing security behaviour by supporting the userComput. Secur., 75
L. Hadlington, M. Popovac, H. Janicke, I. Yevseyeva, Kevin Jones (2019)
Exploring the role of work identity and work locus of control in information security awarenessComput. Secur., 81
K. Parsons, D. Calic, M. Pattinson, M. Butavicius, Agata McCormac, Tara Zwaans (2017)
The Human Aspects of Information Security Questionnaire (HAIS-Q): Two further validation studiesComput. Secur., 66
G.B. Wangen, N. Hellesen, G. Wangen, H. Torres, E. Braekken (2017)
An empirical study of root-cause analysis in information security management implementation of information security management system and risk management view project an empirical study of root-cause analysis in information security management
International Journal of Medical Informatics
P. Hibbert, Matthew Thomas, A. Deakin, W. Runciman, J. Braithwaite, S. Lomax, J. Prescott, G. Gorrie, Amy Szczygielski, Tanja Surwald, C. Fraser (2018)
Are root cause analyses recommendations effective and sustainable? An observational studyInternational Journal for Quality in Health Care, 30
M. Evans, Ying He, L. Maglaras, H. Janicke (2019)
HEART-IS: A novel technique for evaluating human error-related information security incidentsComput. Secur., 80
R. Werlinger, K. Hawkey, K. Beznosov (2009)
An integrated view of human, organizational, and technological challenges of IT security managementInf. Manag. Comput. Secur., 17
Amjad Mahfuth, S. Yussof, Asmidar Baker, N. Ali (2017)
A systematic literature review: Information security culture2017 International Conference on Research and Innovation in Information Systems (ICRIIS)
This paper aims to provide an understanding of the proportions of incidents that relate to human error. The information security field experiences a continuous stream of information security incidents and breaches, which are publicised by the media, public bodies and regulators. Despite the need for information security practices being recognised and in existence for some time, the underlying general information security affecting tasks and causes of these incidents and breaches are not consistently understood, particularly with regard to human error.Design/methodology/approachThis paper analyses recent published incidents and breaches to establish the proportions of human error and where possible subsequently uses the HEART (human error assessment and reduction technique) human reliability analysis technique, which is established within the safety field.FindingsThis analysis provides an understanding of the proportions of incidents and breaches that relate to human error, as well as the common types of tasks that result in these incidents and breaches through adoption of methods applied within the safety field.Originality/valueThis research provides original contribution to knowledge through the analysis of recent public sector information security incidents and breaches to understand the proportions that relate to human error.
Information and Computer Security – Emerald Publishing
Published: Jun 19, 2019
Keywords: Information security; Human error; Incidents; Breaches; HEART; GISAT
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.