A Review of Methods for Evaluating Security Awareness Initiatives

A Review of Methods for Evaluating Security Awareness Initiatives

The ‘human factor’ is commonly considered to be the weakest link in an organization’s security chain, and a significant percentage of companies have implemented security awareness (SA) programs to address this vulnerability. However, an element whose usefulness is still underestimated is the importa...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:European journal for security research 2020-10, Vol.5 (2), p.259-287
Hauptverfasser: Assenza, Giacomo, Chittaro, Andrea, De Maggio, Maria Carla, Mastrapasqua, Marzia, Setola, Roberto
Format: Artikel
Sprache:eng
Schlagworte:
Engineering
Law
Law and Criminolgy
Original Article
Political Science
Public International Law
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The ‘human factor’ is commonly considered to be the weakest link in an organization’s security chain, and a significant percentage of companies have implemented security awareness (SA) programs to address this vulnerability. However, an element whose usefulness is still underestimated is the importance to perform measurements of the different SA programs’ effectiveness in order to assess their adequateness for achieving the intended goals. This gap has serious consequences as most of the security awareness campaigns have resulted to be largely unsuccessful. Awareness measurement tools might be determinant in providing feedback on the outcome of a program as well as in helping with the strategic planning for endorsing security. This article will introduce and critically compare a set of measurement methods. It will then discuss their attributes and suggested applications.
ISSN:2365-0931
2365-1695
DOI:10.1007/s41125-019-00052-x