Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 2 of 2
Full-Text Articles in Business
A Coordinated Communication & Awareness Approach For Information Security Incident Management: An Empirical Study On Ethiopian Organizations, Keshnee Padayachee, Elias Worku
A Coordinated Communication & Awareness Approach For Information Security Incident Management: An Empirical Study On Ethiopian Organizations, Keshnee Padayachee, Elias Worku
The African Journal of Information Systems
The coordination of communication and awareness efforts in the process of Information Security Incident Management (ISIM) has been identified as a critical means of enhancing information security protection in organizations. This paper aims to explore the nuances of organizational information security with respect to the coordination of communication and awareness efforts among organizational stakeholders towards achieving a shared, interactive, and participatory ISIM. According to the findings of the study in the organizations sampled, it has been identified that reporting, communication, and awareness efforts within ISIM were found to be largely uncoordinated. The exploratory findings provided a rationale for the proposal …
A Naturalistic Methodology For Assessing Susceptibility To Social Engineering Through Phishing, Paula Musuva, Christopher Chepken, Katherine Getao
A Naturalistic Methodology For Assessing Susceptibility To Social Engineering Through Phishing, Paula Musuva, Christopher Chepken, Katherine Getao
The African Journal of Information Systems
Phishing continues to be a prevalent social engineering attack. Attacks are relatively easy to setup and can target many people at low cost. This study presents a naturalistic field experiment that can be staged by organisations to determine their exposure. This exercise provides results with high ecological validity and can give organisations the information they need to craft countermeasures to social engineering risks. The study was conducted at a university campus in Kenya where 241 valid system users, also known as “insiders,” are targeted in a staged phishing experiment. The results show that 31.12% of the insiders are susceptible to …