Skip to main content
Home

InfoTech conference

2021 IEEE International Conference on Information Technologies

People-centric Security Awareness Program

Federico Giovannetti
Doctor of Business Administration Program Muma College of Business, University of South Florida, Tampa
USA
Abstract:

Information Security departments are continuously challenged and frustrated by the lack of employee compliance with established security policies. Several studies have shown causal factors for this type of employee behavior. However, few have recommended management level interventions that can be used as a solution framework by security practitioners. Based on constructs such as tailored communication messages, leadership influence, and peer ambassadors, this article presents a People-centric Information Security Awareness Program that can help security practitioners improve the Information Security Culture of their organization.

Key words:
Information security culture
employee compliance
tailored messaging
leadership
ambassadors