Security education and awareness: just let them burn?

S Furnell, I Vasileiou

Research output: Contribution to journalArticlepeer-review

3 Downloads (Pure)

Abstract

© 2017 Elsevier Ltd It is now readily recognised that cyber-security is not just a technical issue, with many breaches highlighting insufficient attention towards human aspects. One of the fundamental reasons for this is that people are not naturally equipped with the skills, instincts and behaviours required to ensure appropriate protection and so need support in order to help them understand what they should be doing and learn how to do it. However, looking at the evidence from surveys over the years, it becomes clear that security awareness, training and education often hold the curious distinction of being overlooked as key controls, while the lack of provision is readily recognised as a key cause of incidents. As such, this remains an area in which more could be done – and how it is done could be improved. Cyber-security is not just a technical issue. Breach after breach has shown the impact of human factors. People are not naturally equipped with the skills, instincts and behaviours required to ensure appropriate protection and so need support. However, while the lack of provision is recognised as a cause of incidents, security awareness and training are often overlooked. Steven Furnell and Ismini Vasileiou of the Centre for Security, Communications and Network Research at the University of Plymouth examine how this situation can be improved.
Original languageEnglish
Pages (from-to)5-9
Number of pages0
JournalNetwork Security
Volume2017
Issue number12
Early online date19 Dec 2017
DOIs
Publication statusPublished - Dec 2017

Fingerprint

Dive into the research topics of 'Security education and awareness: just let them burn?'. Together they form a unique fingerprint.

Cite this