From information security to cyber security

The term cyber security is often used interchangeably with the term information security. This paper argues that, although there is a substantial overlap between cyber security and information security, these two concepts are not totally analogous. Moreover, the paper...

Cultivating an organizational information security culture

An information security solution should be a fundamental component in any organization. One of the major difficulties in achieving the assimilation of information into an organization is the actions and behaviour of employees. To ensure the integration of information...

The 10 deadly sins of information security management

This paper identifies 10 essential aspects, which, if not taken into account in an information security governance plan, will surely cause the plan to fail, or at least, cause serious flaws in the plan. These 10 aspects can be used as a checklist by management to...

Towards information security behavioural compliance

The objective of this paper is to explore the potential problems concerning the attempt to audit the behaviour of the employee. It will be demonstrated that it is extremely difficult to audit human behaviour and so an alternative method to behavioural auditing needs...