Open Access. Powered by Scholars. Published by Universities.®
Management Information Systems Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Discipline
Articles 1 - 2 of 2
Full-Text Articles in Management Information Systems
Social Engineering Knowledge Measured As A Security Countermeasure, Christopher Artejus Sanders
Social Engineering Knowledge Measured As A Security Countermeasure, Christopher Artejus Sanders
Theses and Dissertations
Social Engineering has become a significant threat to the security of business, government, and academic institutions. As vulnerabilities to social engineering attacks increase, organizations must incorporate risk mitigation strategies to their portfolios of Information Systems Security Countermeasures (ISSC). The goal is to implement mitigation strategies that balance the cost of implementation, the privacy of employees, and the resulting expected costs of social engineering attacks. In this paper we develop an analytical model that calculates the total cost of protection, including the trade-off between the cost of implementing protection strategies and the resulting expected cost of social engineering attacks. We use …
Aligning Security And Usability Objectives For Computer Based Information Systems, Santa Ram Susarapu
Aligning Security And Usability Objectives For Computer Based Information Systems, Santa Ram Susarapu
Theses and Dissertations
With extensive use of information systems in day-to-day business operations, many organizations are facing challenges to develop robust computer-based information systems that are secure and widely used by the user community. In order to develop information systems that are secure and useful, understanding what stakeholders consider important and value about the security and usability is critical. Security refers to confidentiality, integrity and availability and usability refers to efficiency, effectiveness and user satisfaction. Using Value Focused Thinking approach, this research first proposes the usability objectives based on the values of system developers and users. Using the security objectives proposed by Dhillon …