Please use this identifier to cite or link to this item: https://oarep.usim.edu.my/jspui/handle/123456789/1880
Title: Security awareness training: A review
Authors: Al-Daeef M.M. 
Basir N. 
Saudi M.M. 
Keywords: Embedded training;Phishing;User awareness;User training;Knowledge management
Issue Date: 2017
Publisher: Newswood Limited
Journal: Lecture Notes in Engineering and Computer Science 
Abstract: 
Phishing is a type of social engineering cybercrimes in which, phishers try to steal users' information. Human unawareness and inattention factors are usually exploited by phishers to bypass anti-phishing systems. This impose on anti-phishing solutions to target the vulnerabilities at both of technical and non-technical layers of phishing problem. This paper reviews users' training approach as a non-technical solution to mitigate security threats in general and phishing problem in particular. Security training methods should be designed to attract users' attention in order to enhance their awareness and make them retain acquired knowledge for longer time. Training activities therefore, must consider knowledge acquisition, knowledge retention, and knowledge transfer aspects. Training in addition, should be embedded into something that users are familiar with and continually practice to make training as ongoing activity. Security training as a non-technical solution must be highly considered to complement the performance of anti-phishing technical tools and thus, improve their results.
URI: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85041184939&partnerID=40&md5=868b0a1aa0ef2a4c2b42eb61db9da8ec
ISBN: 9789880000000
ISSN: 20780958
Appears in Collections:Scopus

Files in This Item:
File Description SizeFormat
Security Awareness Training' A Review.pdf1.35 MBAdobe PDFView/Open
Show full item record

Page view(s)

573
checked on Nov 26, 2021

Download(s)

665
checked on Nov 26, 2021

Google ScholarTM

Check


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.