Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security Awareness Levels of TAFE South Australia Employees Hong Chan Bachelor of IT ( Honours ) Supervisor: Dr Sameera Mubarak.

Published bySharon Robertson Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Security Awareness Levels of TAFE South Australia Employees Hong Chan Bachelor of IT ( Honours ) Supervisor: Dr Sameera Mubarak."— Presentation transcript:

1 Information Security Awareness Levels of TAFE South Australia Employees Hong Chan Bachelor of IT ( Honours ) Supervisor: Dr Sameera Mubarak

2 Outline  Background Information  Research Question  Methodology  Results  Conclusion

3 Information Security  Confidentiality – prevent unauthorised access  Integrity – accuracy and correctness  Availability – authorised access when needed  Ensure business continuity  Minimise damage and liability  Ethical and legal responsibility Information security plans or policies are needed, usually consist of technical controls Background Information

4 Information Security Awareness – Human Aspects  Employee knowledge of information security concepts  Management knowledge of information security concepts  Consciousness of security plans Literature suggests positive relationship between awareness and security plan success. Should be included in plans. Background Information

5 TAFE South Australia  Largest vocational education provider in SA  2400 employees across over 50 campuses Suitable for this research  All aspects of the business are conducted using information systems.  Holds vast amount of confidential student data.  Recently implemented new student information system Background Information

6 Motivation for Research  Gap in literature  Australian Context  Personal interest as an employee Background Information

7 Potential Contributions  Directly benefit TAFE SA  Finalised report (thesis) to be given to TAFE SA  Provide insight into other similar Australian Organisations Background Information

8 To gain an insight into the information security awareness levels of TAFE SA Employees in order to identify areas that need improvement Does not look into improving awareness through “best practices” Research Question

9 Online Questionnaire  Knowledge of concepts = Awareness of threats  Behavioural questions = Employee actions which may cause breaches  Consciousness of policies’ existence Quantitative Methods Used  Tabulated percentages Methodology

10 Population: 2400 staff Sample: 308 responses 13% of entire organisation responded Demographics  Management ( 19% )  General Staff (81%)  Mushroom ?? Results

11 Knew what Phishing is Knew what Spam is Results YesNo Management32%68% General Employees23%77% YesNo Management78%22% General Employees87%13%

12 Has clicked on unknown links embedded in external third party emails Knew what Social Engineering is Results YesNo Management24%76% General Employees16%84% YesNo Management78%22% General Employees73%27%

13 Knew what a strong password should be Has given away passwords or logged someone in Questionnaire may have prompted ICT’s action ?? Results YesNo Management64%36% General Employees66%34% YesNo Management56%44% General Employees52%48%

14 Has left computer unlocked and unattended Used appropriate methods for password storage Results YesNo Management73%27% General Employees78%22% YesNo Management68%32% General Employees65%35%

15 Knew the importance of data/information integrity Has amended data without due process Results YesNo Management93%7% General Employees91%9% YesNo Management7%93% General Employees8%92%

16 Has discussed work related issues on social networking sites Very few research into this topic, that is, social media can be a source of data/information leakage Results YesNo Management7%93% General Employees8%92%

17 Awareness of existence of information security policy Awareness of existence of password policy Results YesNo Management59%41% General Employees37%63% YesNo Management41%59% General Employees31%69%

18 TAFE SA needs improvements  Passwords given to colleagues  Leaving computers unlocked and unattended  Lack of awareness of policies Conclusion

19 Limitations  TAFE SA’s Chief Executive’s disapproval of question  “Social Engineering” is an ambiguous term Conclusion

20 Future Research  How awareness can be improved  Explore adoption of awareness programs  Look into Including awareness as part of an overall security strategy Conclusion

21 My Telstra Story  chief.executive@telstra.com  Potential for malicious acts is huge!

22 Thank You Tip: If you work fulltime, do not commence a research degree. I am actually 19 but I look 40. -Hong Chan

Download ppt "Information Security Awareness Levels of TAFE South Australia Employees Hong Chan Bachelor of IT ( Honours ) Supervisor: Dr Sameera Mubarak."

Similar presentations

What is Primary Research and How do I get Started?

What is Primary Research and How do I get Started?
Integrity and impartiality

Integrity and impartiality
Head Teacher Forum 23 June 2010 Managing your business! Code of Conduct Update Tina Renshaw – Regional Human Resources Manager.

Head Teacher Forum 23 June 2010 Managing your business! Code of Conduct Update Tina Renshaw – Regional Human Resources Manager.
a ADOPTION OF E-LEARNING BY THE ACADEMIC AND INDUSTRY STAFF

a ADOPTION OF E-LEARNING BY THE ACADEMIC AND INDUSTRY STAFF
Unit 4- Assignment 3 P5, P6, M2 BTEC Business Level 3.

Unit 4- Assignment 3 P5, P6, M2 BTEC Business Level 3.
EXTERNAL Corruption Prevention NetworkJuly 2007Fraud Control Planning Tax Office Fraud Control Planning: Tools and Techniques PRESENTED BY: Annalissa Hilton.

EXTERNAL Corruption Prevention NetworkJuly 2007Fraud Control Planning Tax Office Fraud Control Planning: Tools and Techniques PRESENTED BY: Annalissa Hilton.
Corporate Social Responsibility in the Road Sector Dr Andy Southern -Atkins (UK) Alexander Walcher -Asfinag (Austria)

Corporate Social Responsibility in the Road Sector Dr Andy Southern -Atkins (UK) Alexander Walcher -Asfinag (Austria)
Confidentiality & Records Management. What is Information Governance? What is Records Management?

Confidentiality & Records Management. What is Information Governance? What is Records Management?
Security Controls – What Works

Security Controls – What Works
1 Pertemuan 17 Organisational Back Up Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

1 Pertemuan 17 Organisational Back Up Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
RESEARCH QUESTIONS, AIMS AND OBJECTIVES

RESEARCH QUESTIONS, AIMS AND OBJECTIVES
The phases of research Dimitra Hartas. The phases of research Identify a research topic Formulate the research questions (rationale) Review relevant studies.

The phases of research Dimitra Hartas. The phases of research Identify a research topic Formulate the research questions (rationale) Review relevant studies.
Electronic EDI e-EDI. The EDI has been in use since 1999 using a paper-based system and computerized spreadsheets to collect and manage EDI data. Over.

Electronic EDI e-EDI. The EDI has been in use since 1999 using a paper-based system and computerized spreadsheets to collect and manage EDI data. Over.
Business and Management Research

Business and Management Research
NETWORK RECRUITMENT IT SKILLS SURVEY March, 2013 NITESKE MARSHALL Network Recruitment MD DEVELOPING RELATIONSHIPS, DELIVERING RESULTS 2013 www.networkrecruitment.co.za.

NETWORK RECRUITMENT IT SKILLS SURVEY March, 2013 NITESKE MARSHALL Network Recruitment MD DEVELOPING RELATIONSHIPS, DELIVERING RESULTS
© 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker.

© 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker.
Program Objective Security Basics

Program Objective Security Basics
Sasa Aksentijevic, MBA IT Ph.d. Business Economy cnd./ ICT Manager / C(I)SO / ICT Court Forensic Expert LinkedIn: linkedin.com/sasaaksentijevic Information.

Sasa Aksentijevic, MBA IT Ph.d. Business Economy cnd./ ICT Manager / C(I)SO / ICT Court Forensic Expert LinkedIn: linkedin.com/sasaaksentijevic Information.
Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.

Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.
© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.

© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.

Similar presentations

Ads by Google