Information Security Awareness資訊安全認(rèn)知

1、1編輯pptInformation Security Awareness資訊安全認(rèn)知資訊安全認(rèn)知2編輯ppt2Elicitation of Research TopicsInformation SecurityAwarenessNational InformationSecurity ProjectING InformationSecurity Project3編輯ppt3Information Security PlatformInformation Technology, Learning, and Performance Journal 4編輯ppt4Problems Why ING n

2、eeds the information security platform ? What are the differences between e-learning and information security platform ?5編輯ppt5Systems Development inInformation Systems ResearchJAY F. NUNAMAKER, JR., MINDER CHEN, and TITUS D. M. PURDINJournal of Management Information Systems I Winter 1990-91, Vol.

3、7, No, 3, pp. 89-106.6編輯ppt6The Integrated Framework of Information Security AwarenessInformation Security Awareness PlatformEvaluation of OrganizationalInformation Security Awareness Materials and Methods for Information Security Awareness7編輯ppt7Situation Awareness 決策行為成效情 境 認(rèn) 知 未來預(yù)測(cè) Level 3 現(xiàn)況了解 L

4、evel 2元素知覺Level 1系統(tǒng)功能介面設(shè)計(jì)壓力/工作負(fù)荷複雜度自動(dòng)化目標(biāo)預(yù)期環(huán)境狀況 能力 經(jīng)驗(yàn) 訓(xùn)練個(gè)人因素作業(yè)或系統(tǒng) 因素 長期記憶自動(dòng)性資訊處理機(jī)制Endsley, M.R. and Garland D.J (Eds.) (2000)Situation Awareness Analysis and Measurement. Mahwah , NJ：Lawrence Erlbaum Associates, 8編輯ppt8Research DesignWhat is your opinion?9編輯ppt9The Evaluation Form of Information Secu

5、rity Awareness PART I: Laws and Regulations1.1 Laws and Regulations 1.1.1 I understand the meaning of the basic policy structure for IT security in the Federal government in the concept of Laws and Regulations.1.2 Policies and Procedures1.2.1 I understand the meaning of IT security safeguards are in

6、tended to achieve specific control objectives in the concept of Policies and Procedures.1.2.2 I understand the meaning of procedures define the technical and procedural safeguards that have been implemented to enforce the specified policies in the concept of Policies and Procedures.10編輯ppt10NIST SP8

7、00-16ABCs OF INFORMATION TECHNOLOGY SECURITYAAssets Something of value requiring protection (hardware, software, data, reputation)BBackup The three most important safeguards backup, backup, backupCCountermeasures and Controls Prevent, detect, and recover from security incidentsDDAA and Other Officia

8、ls Manage and accept risk and authorize the system to operateEEthics The body of rules that governs an individuals behavior.FFirewalls and Separation of Duties Minimize the potential for “incident encroachment”GGoals Confidentiality, Integrity, and Availability (CIA)11編輯ppt11Research DesignWhat is your opinion?12編輯ppt12Conclusion Research topics elic