Please use this identifier to cite or link to this item:
https://oarep.usim.edu.my/jspui/handle/123456789/1880
Title: | Security awareness training: A review | Authors: | Al-Daeef M.M. Basir N. Saudi M.M. |
Keywords: | Embedded training;Phishing;User awareness;User training;Knowledge management | Issue Date: | 2017 | Publisher: | Newswood Limited | Journal: | Lecture Notes in Engineering and Computer Science | Abstract: | Phishing is a type of social engineering cybercrimes in which, phishers try to steal users' information. Human unawareness and inattention factors are usually exploited by phishers to bypass anti-phishing systems. This impose on anti-phishing solutions to target the vulnerabilities at both of technical and non-technical layers of phishing problem. This paper reviews users' training approach as a non-technical solution to mitigate security threats in general and phishing problem in particular. Security training methods should be designed to attract users' attention in order to enhance their awareness and make them retain acquired knowledge for longer time. Training activities therefore, must consider knowledge acquisition, knowledge retention, and knowledge transfer aspects. Training in addition, should be embedded into something that users are familiar with and continually practice to make training as ongoing activity. Security training as a non-technical solution must be highly considered to complement the performance of anti-phishing technical tools and thus, improve their results. |
URI: | https://www.scopus.com/inward/record.uri?eid=2-s2.0-85041184939&partnerID=40&md5=868b0a1aa0ef2a4c2b42eb61db9da8ec | ISBN: | 9789880000000 | ISSN: | 20780958 |
Appears in Collections: | Scopus |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Security Awareness Training' A Review.pdf | 1.35 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.