دانلود پایان نامه اطلاعات و حفاظت اطلاعات pdf
در این صفحه دو پایان نامه در رشته اطلاعات و حفاظت اطلاعات قرار داده شده است. فایل PDF این پایان نامه ها را می توانید از قسمت "فایل ها برای دانلود" در پایین همین صفحه دریافت نمایید.
یک ارزیابی تجربی از رفتار حفاظت از امنیت اطلاعات کاربران نسبت به نقض مهندسی اجتماعی
An Empirical Assessment of Users' Information Security Protection Behavior Towards Social Engineering Breaches
User behavior is one of the most significant information security risks. Information Security is all about being aware of who and what to trust and behaving accordingly. Due to technology becoming an integral part of nearly everything in people's daily lives, the organization's need for protection from security threats has continuously increased. Social engineering is the act of tricking a user into revealing information or taking action. One of the riskiest aspects of social engineering is that it depends mainly upon user errors and is not necessarily a technology shortcoming. User behavior should be one of the first apprehensions when it comes to social engineering. Unfortunately, there are few specific studies to understand factors that affect users' information security protection behavior towards social engineering breaches.
The focus of the information security literature is shifting from technology to user behavior in recent times. SETA (Security Education Training Awareness) program aids organizations in teaching their users about information security issues and expectations to prevent information security breaches. Information security policies depict the rules and regulations that everyone must follow utilizing an organization's information technology resources. This research study used Protection Motivation Theory (PMT) combined with the SETA program and security policies to determine factors that affect users' information security protection behavior towards social engineering breaches. This research study was an empirical and quantitative study to congregate data utilizing a web survey and PLS-SEM (Partial Least Squares Structural Equation Modeling) technique. As a result, the research study supported all three hypotheses associated with fear, including a positive impact of perceived severity on fear, perceived vulnerability on fear, and fear on protection motivation. Moreover, the research study substantiated the positive impact of perceived severity, perceived vulnerability, and response efficacy on protection motivation. Furthermore, the research study also confirmed the positive impact of protection motivation and the SETA program on protection behavior.
The findings of this research study derived that, unswerving with the literature, social engineering has arisen as one of the biggest threats in information security. This research study explored factors impacting users' information security protection behavior towards social engineering breaches. Support of all hypotheses for fear appeal is a substantial contribution in view of a lesser-researched fear appeal in preceding research using PMT. This research study provided the groundwork for encouraging and nurturing users' information security protection behavior to prevent social engineering breaches. Finally, this research study contributes to the increasing phenomenon of social engineering in practice and future research.
عادات امنیت اطلاعات و قصد انگیزه حفاظت از هزاره ها: یک مطالعه کمی
Millennials’ Information Security Habits and Protection Motivation Intention: A Quantitative Study
Millennial home personal computer users, people born between 1980 and 2000, vary from older generations in their way of thinking and decision-making. The millennial generation grew up with technology from a young age and are aware of how to manage many gadgets. However, the group is not as information security sensible as expected. The culture of continuous Internet use in home computing creates habits that potentially derail prescribed security responses to cyber threats producing unhealthy information security practices. Millennials’ habituated tendencies reveal reasons why members of the group are not entirely adopting and implementing antivirus software. This quantitative, nonexperimental design study aimed to understand if prior information security experiences and habituated responses to compromised security events influenced millennial technology-oriented decision-making. The research question asked was as follows: Is there a significant association between millennials’ information security habits and protection motivation factors that indicate an intention to install antivirus software? The theoretical framework of the protection motivation theory provided a basis for analysis to visualize the correlation between habituated actions and predictor variables to forecast millennials’ intention to install antivirus software. A 24-question survey instrument with 23 items in a 7-point Likert style collected data from 257 participants. Bivariate correlational analysis indicated relationships with information security habits and provided potential reasons why habituated actions might influence implementing antivirus software among millennials. Perceived vulnerability, perceived severity, response efficacy, and self-efficacy variables showed significance using a p-value of 0.05, while rewards and response costs had no significance. Results from regression analysis with correlated variables illustrated avenues for future research with perceived severity and self-efficacy. Conclusions from the research indicated the need for performing additional statistical tests to understand millennials’ perceived risk and risk coping responses with information security habits as a moderator of protection motivation factors with intention to implement security software. Recommendations from the research included a focus on perceived severity and understanding millennials’ self-efficacy or confidence to complete prescribed information security actions. All research recommendations would be enhanced with a mixed methods approach to decipher recipients’ responses to survey questions with open-ended queries.