Transformation of Strategic Models for Managing Human Risks of Information Security of an Enterprise as an Imperative of the Digital Industry

被引：0

作者：

L. V. Astakhova

机构：

[1] South Ural State University,

来源：

Scientific and Technical Information Processing | 2021年 / 48卷

关键词：

information security culture; awareness; management; strategies; organization; human risks; trust; involvement; employer; employee;

D O I：

暂无

中图分类号：

学科分类号：

摘要：

This article substantiates the imperatives of transforming the information security (IS) human risk management model at a digital industry enterprise using the theories of strategic management, psychological ownership (involvement), and cultural parameters of human activity. The types of strategies and strategic models of information security culture (ISC) have been substantiated. With the use of sociological research, the dominance in organizations of the ISC defensive strategy was revealed, the pattern of the transition from the defensive to the developing strategic ISC model was revealed, and then the transition to the integrative ISC management strategy, thus combining both strategic models. The concept of the draft Information security culture national standard, which can be the basis for the design and implementation of a standard of the same name for any enterprise, is presented.

引用

页码：71 / 77

页数：6

共 31 条

[1] da Veiga A.(2020)Defining organisational information security culture—perspectives from academia and industry Comput. Secur. 92 p. 101713-64
[2] Astakhova L.V.(2020)Issues of the culture of information security under the conditions of the digital economy Sci. Tech. Inf. Process. 47 56-1010
[3] Botha A.(2015)Situational approach in the social-human cognition: Objectives, principles and categories, Humanit. Soc. Sci. 8 1003-500
[4] Herselman M.(2019)Knowledge management in the context of sustainability: Literature review and opportunities for future research J. Cleaner Prod. 229 489-10
[5] Astakhova L.V.(2019)The linkage between knowledge risk management and organizational performance J. Bus. Res. 105 1-603
[6] Veklenko P.V.(2019)Knowledge management of intangible actives Serv. Co. Procedia Comput. Sci. 162 596-118
[7] Martins V.W.B.(2018)Exploring the influence of flow and psychological ownership on security education, training and awareness effectiveness and security compliance Decis. Support Systems 108 107-31
[8] Rampasso I.S.(2010)How can one amplify the effect of e-learning? An examination of high-tech employees' computer attitude and flow experience Comput. Human Behav. 26 23-2627
[9] Anholon R.(2013)The role of employee engagement in the relationship between job design and task performance, citizenship and deviant behaviours Int. J. Human Resour. Manage. 24 2608-548
[10] Quelhas O.L.G.(2010)Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness MIS Q.: Manage. Inf. Syst. 34 523-undefined

← 1 2 3 4 →