Options
Security-aware organisational cultures as a starting point for mitigating socio-technical risks
Citation Link: https://doi.org/10.15480/882.1130
Publikationstyp
Conference Paper
Date Issued
2013
Sprache
English
Author(s)
TORE-DOI
First published in
Number in series
P-220
Start Page
2046
End Page
2057
Citation
Übelacker, S. (2013). Security-aware organisational cultures as a starting point for mitigating socio-technical risks. In M. Horbach (Ed.), Informatik 2013 (pp. 2046-2057). (Lecture Notes in Informatics (LNI); Vol. P-220). Bonn: Gesellschaft fuer Informatik e.V.
Contribution to Conference
Publisher Link
Publisher
Gesellschaft für Informatik e.V.
This extended abstract briefly introduces Hofstede's three leveled model of human mental programming which captures the unique mental constitution of a person. These levels devide the vague "human factor" in more approachable categories. In the following sections each category is addressed and presented seperately according to research found and regarding security-aware behaviour.
By including universal human behaviour, characteristics of organisational and national cultures as well as (occupational) grouping of personality traits of employees, we might be able to identify emerging social threats. Furthermore, assessing social risks could help to develop guidelines for cultural change towards a more security-aware organisational culture.
As the influence of an organisation on external factors (other than their own organisational culture) tends to be minimal, developing, allowing, and applying cultural changes can be a promising approach in mitigating socio-technical risks.
By including universal human behaviour, characteristics of organisational and national cultures as well as (occupational) grouping of personality traits of employees, we might be able to identify emerging social threats. Furthermore, assessing social risks could help to develop guidelines for cultural change towards a more security-aware organisational culture.
As the influence of an organisation on external factors (other than their own organisational culture) tends to be minimal, developing, allowing, and applying cultural changes can be a promising approach in mitigating socio-technical risks.
Subjects
human factors
insider threat
organisational culture
security
security awareness
social engineering
Publication version
publishedVersion
Loading...
Name
2013.GI.INFORMATIK2013.RiskKom_workshop.Sven_Uebelacker_Security_Aware_Organisational_Cultures_as_a_Starting_Point_for_Mitigating_Socio_Technical_Risks.pdf
Size
338.63 KB
Format
Adobe PDF