sistematičen pregled literature
Špela Grilc (Author), Kaja Prislan (Mentor), Anže Mihelič (Co-mentor)

Abstract

Kot posledica vse bolj kompleksnih in sofisticiranih kibernetskih groženj je informacijska varnost postala aktualna tema v strokovnih razpravah in znanstvenih raziskavah. Te opozarjajo, da so za informacijskovarnostne incidente največkrat odgovorni uporabniki, najpogosteje zaradi malomarnosti pri uporabi informacijskih sistemov in tehnologij, neozaveščenosti o informacijskih tveganjih, pozabljivosti, nepazljivosti ali nepremišljenosti, tudi apatije in odpora do spoštovanja informacijskovarnostnih politik. S pojasnjevanjem vloge uporabnikov v sistemu zagotavljanja informacijske varnosti se ukvarja behavioristična informacijska varnost, kjer se pri pojasnjevanju in napovedovanju vedenja uporabnikov izhaja iz različnih psiholoških, organizacijskih in kriminoloških teorij. Kljub številčnosti sistematičnih pregledov literature na področju informacijske varnosti med njimi ni mogoče zaslediti celostnega sistematičnega pregleda teorij, ki se uporabljajo v behaviorističnih informacijskovarnostnih raziskavah. Namen diplomskega dela je bil ugotoviti katere teorije so najbolj uveljavljene v raziskavah, na katerih tematskih področjih se najpogosteje uporabljajo, kateri dejavniki so po posameznih sklopih teorij najpogosteje vključeni v raziskave in kateri so najpogosteje statistično značilni. Skladno s tem smo v empiričnem delu opravili dve študiji, ki sta vključevali sistematičen pregled literature za preteklih deset let. Ugotovili smo, da med najbolj uveljavljeni sodita varnostnomotivacijska teorija in teorija načrtovanega vedenja, najpogosteje statistično značilna dejavnika teh teorij, ki se uporabljata za napovedovanje samozaščitnega vedenja in skladnosti vedenja s politikami informacijske varnosti sta samoučinkovitost in zaznana uporabnost tehnologije. Rezultati diplomskega dela so lahko v pomoč raziskovalcem pri načrtovanju raziskav v prihodnje in strokovnjakom, ki se ukvarjajo z ozaveščanjem ali izobraževanjem uporabnikov oz. upravljanjem njihovega informacijskovarnostnega vedenja.

Keywords

informacijska varnost;uporabniki;vedenje;človeški dejavniki;raziskave;pregled literature;diplomske naloge;

Data

Language: Slovenian
Year of publishing:
Typology: 2.11 - Undergraduate Thesis
Organization: UM FVV - Faculty of Criminal Justice
Publisher: [Š. Grilc]
UDC: 004.056(043.2)
COBISS: 85262083 Link will open in a new window
Views: 347
Downloads: 62
Average score: 0 (0 votes)
Metadata: JSON JSON-RDF JSON-LD TURTLE N-TRIPLES XML RDFA MICRODATA DC-XML DC-RDF RDF

Other data

Secondary language: English
Secondary title: Theories and models in behavioral information security research:
Secondary abstract: As a result of increasingly complex and sophisticated cyber threats, information security has become a hot topic in professional debates and scientific research. They point out that users are most often responsible for information security incidents, most often due to negligence in the use of information systems and technologies, lack of awareness of information risks, forgetfulness, inattention or recklessness, as well as apathy and reluctance to comply with information security policies. Behavioral information security is concerned with explaining the role of users in the information security system, drawing on various psychological, organizational, and criminological theories to explain and predict user behavior. Despite numerous systematic literature reviews on the field of information security, there is no comprehensive systematic review of the theories used in behavioral information security research. The purpose of this thesis is to find out which theories are most widely used in research, in which subject areas they are most commonly used, which factors are most frequently included in research according to each set of theories and which are most frequently statistically significant. Accordingly, we made two studies involving a systematic review of the literature over the past ten years in the empirical part. We found that the most established theories are the Protection motivation theory and the Theory of planned behavior. The most frequently statistically significant factors of these theories used to predict self-protective behavior and behavioral compliance with information security policies are self-efficacy and perceived usefulness of the technology. The thesis results can help researchers plan future research and professionals working in the field of raising awareness, education, or information security behavior management.
Secondary keywords: information security;systematic literature review;behavior;user;theories;variables;
Type (COBISS): Bachelor thesis/paper
Thesis comment: Univ. v Mariboru, Fak. za varnostne vede, Ljubljana
Pages: V f., 62 str.
ID: 13723030
Recommended works:
, sistematičen pregled literature
, magistrska naloga
, ǂa ǂsystematic literature review
, doktorska disertacija
, analiza dejavnikov zaupanja uporabnikov v Sloveniji