TY - JOUR KW - Cybersecurity culture KW - digital transformation KW - organisational culture KW - University AU - Elitsa Pavlova AB -
The digital transformation (digitalisation) becomes an important item in strategies and plans for development and improvement of higher education. The implementation of new approaches in education, new ways of information sharing and group work are expected to improve and transform all processes and services within the higher education institutions. The digital transformation should not underestimate the security aspects of ICT use and specific Cyber Security Culture (CSC), part of the wider organisational culture should be directed, shaped and supported. CSC of organizations refers to the knowledge, beliefs, perceptions, attitudes, assumptions, norms and values of people regarding cybersecurity and how they are manifested in people’s behaviour with information technologies. The attitude towards security measures in academic organisations is usually oriented towards free and open sharing of information and knowledge. This positive direction has to be maintained and preserved, but also to be changed and adapted to current threats and security environment. The balance between openness and security has to be analysed, rationally implemented, and monitored through establishment of organisational programme dedicated to CSC as a measure to influence the human factor in cybersecurity.
This article presents best practices of universities’ digitalisation from the cyber security and CRC point of view. ENISA’s CSC development guidance was used as the main tool for developing the general CSC programme for universities. The required changes of CSC and possible programme implementation are considered based on cases from several Bulgarian universities.
BT - Information & Security: An International Journal DA - 2020 DO - https://doi.org/10.11610/isij.4617 IS - 3 N2 -The digital transformation (digitalisation) becomes an important item in strategies and plans for development and improvement of higher education. The implementation of new approaches in education, new ways of information sharing and group work are expected to improve and transform all processes and services within the higher education institutions. The digital transformation should not underestimate the security aspects of ICT use and specific Cyber Security Culture (CSC), part of the wider organisational culture should be directed, shaped and supported. CSC of organizations refers to the knowledge, beliefs, perceptions, attitudes, assumptions, norms and values of people regarding cybersecurity and how they are manifested in people’s behaviour with information technologies. The attitude towards security measures in academic organisations is usually oriented towards free and open sharing of information and knowledge. This positive direction has to be maintained and preserved, but also to be changed and adapted to current threats and security environment. The balance between openness and security has to be analysed, rationally implemented, and monitored through establishment of organisational programme dedicated to CSC as a measure to influence the human factor in cybersecurity.
This article presents best practices of universities’ digitalisation from the cyber security and CRC point of view. ENISA’s CSC development guidance was used as the main tool for developing the general CSC programme for universities. The required changes of CSC and possible programme implementation are considered based on cases from several Bulgarian universities.
PY - 2020 SE - 239 SP - 239 EP - 249 T2 - Information & Security: An International Journal TI - Enhancing the Organisational Culture related to Cyber Security during the University Digital Transformation VL - 46 ER -