Skip to main content
65
Views
104
Downloads
Reviewed article

Applying a New Approach to Consider the Human Factor in the Design of Information Security Systems

How to cite:
Ivan Gaidarski, Anastas Madzharov
"Applying a New Approach to Consider the Human Factor in the Design of Information Security Systems"
Information & Security: An International Journal,
55
no. 3
(2024):
261-272.
https://doi.org/10.11610/isij.5546

Applying a New Approach to Consider the Human Factor in the Design of Information Security Systems

Source:

Information & Security: An International Journal,
Volume: 55,
Issue3,
p.261-272
(2024)

Abstract:

A primary task of information security in modern organisations is to ensure the safety of their information assets. The most effective method is to develop and implement an information security system (ISS) that is designed for a specific organisation and meets the organisation-specific requirements. Two methods for creating ISS are considered in the article – development of a complex ISS through systems analysis and the authors’ method for the development of organisational ISS. These methods consider different viewpoints on the system. An example is given with Information Security Viewpoint and related concepts such as “Incident,” “Breach,” “Vulnerability,” “Threats,” “Threat Sources,” and a “Threat Agent” with taking the human factor in account. As the behaviour of employees in relation to the adopted information security policy cannot be predicted, it is necessary to foresee some measures in the process of designing the system.

65
Views
104
Downloads