diplomsko delo univerzitetnega študijskega programa Varstvoslovje
Abstract
Prodor novih groženj v področje informacijsko komunikacijske tehnologije je znatno zmanjšal stopnjo varnosti informacij za vse udeležence, od posameznikov, ki brskajo po spletu, do mednarodnih podjetij, ki zagotavljajo osnovne surovine in storitve. Organizacije sicer grožnje uspešno zaznavajo, vendar so pri tem pogosto prepočasne ali celo neustrezno pripravljene.
Diplomsko delo je preučilo možne prilagoditve ter načine obrambe organizacij pred zlonamernimi akterji. Nadalje so bile dognane utemeljitve pojmov ter praktične usmeritve, ki skozi različne informacijsko varnostne politike, strategije in standarde vodijo k večji stopnji zagotavljanja varnosti informacij. Več pozornosti je bilo namenjeno tudi človeškemu kadru, ki je hkrati označen kot najšibkejši člen, a vendarle tvori najpomembnejši del organizacij. Kot glavni ugotovitvi sta izstopala kritičen pomen ozaveščanja, izobraževanja in usposabljanja zaposlenih ter potreba po oblikovanju ustrezne varnostne kulture.
V empiričnem delu je bil za pridobivanje odgovorov oblikovan anketni vprašalnik na temo ozaveščenosti zaposlenih o informacijsko varnostnih politikah ter o pomembnih dejavnikih, ki na varnost vplivajo. Ugotovljeno je bilo, da so anketiranci s pomembnostjo informacijsko varnostnih politik dobro seznanjeni ter da največjo vlogo pripisujejo ravno zaposlenim ter njihovem znanju. Prav tako je bilo ugotovljeno, da večina najraje uporablja kombinacijo formalnih varnostnih politik ter neformalnih priporočil in usmeritev.
Keywords
informacijska varnost;informacijskovarnostna politika;diplomske naloge;
Data
Language: |
Slovenian |
Year of publishing: |
2022 |
Typology: |
2.11 - Undergraduate Thesis |
Organization: |
UM FVV - Faculty of Criminal Justice |
Publisher: |
[J. Jerotić] |
UDC: |
004.056(043.2) |
COBISS: |
122447107
|
Views: |
18 |
Downloads: |
7 |
Average score: |
0 (0 votes) |
Metadata: |
|
Other data
Secondary language: |
English |
Secondary title: |
Information security policy as fundemental binder between employees and providing information security in companies |
Secondary abstract: |
Rise of new threats to information communication technology has drastically lowered information security for all users, from individuals that are just browsing the Internet to the international companies responsible for providing basic products and services. Nowadays organizations seem to be successful in recognizing potential threats, but in majority of the cases they catch them late or they lack knowledge and means to prevent them.
Thesis studied possible adaptations and improvements for defence from information security threats. Furthermore, it focused on fundamental definitions and theoretical approaches, such as implementation of the information security policies, strategies and standards that serve as a guiding tool and focuses on ensuring a higher degree of protecting information. More attention was also given to human aspect in organizations, as the employees are often seen as the weakest link, but simultaneously as the most important part of any company. Main findings concluded that organizations should focus on raising awareness of employees, ensuring additional and up to date education programmes and trainings. Along with that they should focus on establishing effective organizational culture.
Empirical research focused on collecting practical data using a survey. Key findings revealed that employees possess the knowledge about information security policies. They also highlighted importance of awareness and knowledge amongst employees. Lastly they chose combination of formal information security policies and informal practises as their preferred methods of work. |
Secondary keywords: |
Varstvo podatkov (računalništvo);Podjetja;Zaposleni;Univerzitetna in visokošolska dela; |
Type (COBISS): |
Bachelor thesis/paper |
Thesis comment: |
Univ. v Mariboru, Fak. za varnostne vede, Ljubljana |
Pages: |
VII f., 43 str., [10] str. pril. |
ID: |
16534012 |