In the information security field, the human factor is the vulnerability considered to be the most unpredictable one. In addition, the human factor is characterized by being the most variable and thus the hardest to control. Therefore, Users should have an adequate level of awareness of the importance of information security and how to protect themselves against the increased threats. Technology solutions alone cannot provide complete protection. Many methods have been used for raising the awareness of users, however, there is a doubt about the effectiveness of these methods. In this paper, literature and reports of information security institutes relating to information security awareness are reviewed. The main aim is to provide an overview of the key challenges surrounding the successful implementation of the information security awareness. A further aim is to investigate the factors that may have an influence upon enhancing the effectiveness of such information security awareness methods. As a result, good security practices should be promoted amongst end-users, and their knowledge should be updated continuously to achieve sustainable security awareness. Equally important, a concept of the persuasive technology has a great value in the information security awareness area.

Published in: Internet Technology and Secured Transactions (ICITST-2018)

• Date of Conference: 10-13 December 2018
• DOI: 10.2053/ICITST.WorldCIS.WCST.WCICSS.2018.0016
• ISBN: 978-1-908320-94-0
• Conference Location: University of Cambridge, Churchill College