Refereed article in conference proceedings (A4)
A Taxonomy of Perceived Information Security and Privacy Threats among IT Security Students
List of Authors: Ali Farooq, Syed Rameez Ullah Kakakhel, Seppo Virtanen, Jouni Isoaho
Editors: Charles A. Shoniregun, Galyna A. Akmayeva
Conference name: International Conference for Internet Technology and Secured Transactions
Place: London
Publication year: 2015
Book title *: The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015)
Start page: 280
End page: 286
Number of pages: 7
ISBN: 978-1-908320-52-0
ISSN: 2164-7046
DOI: http://dx.doi.org/10.1109/ICITST.2015.7412106
The purpose of this study is to explore students’ perceived information security and privacy (IS&P) threats and to classify them in a way that helps in analyzing the problem, creating awareness measures and further improving students’ IS&P education. Using a qualitative research approach, a group of forty two Master’s degree IT students identified seventy five IS&P threats related to them. The identified threats were classified into fourteen categories. Further, using the affinity diagraming technique, the categories were grouped into four domains - Personnel, Devices, Intranet and Internet. In this way, we present a taxonomy of students’ perceived IS&P threats as well as a model that highlights the domains where students consider themselves prone to IS&P threats. The proposed taxonomy and the domain model can be used as a benchmark for designing information security awareness assessment instruments and preparing information security awareness programs. The taxonomy can also be used for highlighting areas where students lack information security related knowledge.
Downloadable publication This is an electronic reprint of the original article. |