Please use this identifier to cite or link to this item:
Title: Security awareness training: A review
Authors: Al-Daeef M.M. 
Basir N. 
Saudi M.M. 
Keywords: Embedded training;Phishing;User awareness;User training;Knowledge management
Issue Date: 2017
Publisher: Newswood Limited
Journal: Lecture Notes in Engineering and Computer Science 
Phishing is a type of social engineering cybercrimes in which, phishers try to steal users' information. Human unawareness and inattention factors are usually exploited by phishers to bypass anti-phishing systems. This impose on anti-phishing solutions to target the vulnerabilities at both of technical and non-technical layers of phishing problem. This paper reviews users' training approach as a non-technical solution to mitigate security threats in general and phishing problem in particular. Security training methods should be designed to attract users' attention in order to enhance their awareness and make them retain acquired knowledge for longer time. Training activities therefore, must consider knowledge acquisition, knowledge retention, and knowledge transfer aspects. Training in addition, should be embedded into something that users are familiar with and continually practice to make training as ongoing activity. Security training as a non-technical solution must be highly considered to complement the performance of anti-phishing technical tools and thus, improve their results.
ISBN: 9789880000000
ISSN: 20780958
Appears in Collections:Scopus

Files in This Item:
File Description SizeFormat
Security Awareness Training' A Review.pdf1.35 MBAdobe PDFView/Open
Show full item record

Page view(s)

checked on Nov 26, 2021


checked on Nov 26, 2021

Google ScholarTM


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.