A model for describing and maximising Security Knowledge Sharing to enhance security awareness

Saad Alahmari; Karen Renaud; Inah Omoronyia

doi:10.1007/978-3-030-44322-1_28

A model for describing and maximising Security Knowledge Sharing to enhance security awareness

Saad Alahmari^*, Karen Renaud, Inah Omoronyia

^*Corresponding author for this work

SDI - Cyber Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

99 Downloads (Pure)

Abstract

Employees play a crucial role in enhancing information security in the workplace, and this requires everyone having the requisite security knowledge and know-how. To maximise knowledge levels, organisations should encourage and facilitate Security Knowledge Sharing (SKS) between employees. To maximise sharing, we need first to understand the mechanisms whereby such sharing takes place and then to encourage and engender such sharing. A study was carried out to test the applicability of Transactive Memory Systems Theory in describing knowledge sharing in this context, which confirmed its applicability in this domain. To encourage security knowledge sharing, the harnessing of Self-Determination Theory was proposed— satisfying employee autonomy, relatedness and competence needs to maximise sharing. Such sharing is required to improve and enhance employee security awareness across organisations. We propose a model to describe the mechanisms for such sharing as well as the means by which it can be encouraged.

Original language	English
Title of host publication	Information systems
Subtitle of host publication	16th European, Mediterranean, and Middle Eastern Conference, EMCIS 2019, Dubai, United Arab Emirates, December 9–10, 2019, Proceedings
Editors	Marinos Themistocleous, Maria Papadaki
Place of Publication	Cham
Publisher	Springer
Pages	376-390
Number of pages	15
ISBN (Electronic)	9783030443221
ISBN (Print)	9783030443214
DOIs	https://doi.org/10.1007/978-3-030-44322-1_28
Publication status	Published - 3 Jun 2020
Event	16th European, Mediterranean, and Middle Eastern Conference on Information Systems - British University in Dubai, Dubai, United Arab Emirates Duration: 9 Dec 2019 → 10 Dec 2019 Conference number: 16th https://web.archive.org/web/20190921174404/http://emcis.eu/

Publication series

Name	Lecture Notes in Business Information Processing (LNBIP)
Publisher	Springer
Volume	381
ISSN (Print)	1865-1348
ISSN (Electronic)	1865-1356

Conference

Conference	16th European, Mediterranean, and Middle Eastern Conference on Information Systems
Abbreviated title	EMCIS 2019
Country/Territory	United Arab Emirates
City	Dubai
Period	9/12/19 → 10/12/19
Internet address	https://web.archive.org/web/20190921174404/http://emcis.eu/

Keywords

Security Knowledge Sharing
Security awareness
Transactive Memory System
Self-determination theory

Access to Document

10.1007/978-3-030-44322-1_28

Renaud_AModelForDescribingAndMaximisngSecurityKnowledgeSharing_Accepted_2019Accepted author manuscript, 610 KB

Cite this

Alahmari, S., Renaud, K., & Omoronyia, I. (2020). A model for describing and maximising Security Knowledge Sharing to enhance security awareness. In M. Themistocleous, & M. Papadaki (Eds.), Information systems: 16th European, Mediterranean, and Middle Eastern Conference, EMCIS 2019, Dubai, United Arab Emirates, December 9–10, 2019, Proceedings (pp. 376-390). (Lecture Notes in Business Information Processing (LNBIP); Vol. 381). Springer. https://doi.org/10.1007/978-3-030-44322-1_28

Alahmari, Saad ; Renaud, Karen ; Omoronyia, Inah. / A model for describing and maximising Security Knowledge Sharing to enhance security awareness. Information systems: 16th European, Mediterranean, and Middle Eastern Conference, EMCIS 2019, Dubai, United Arab Emirates, December 9–10, 2019, Proceedings. editor / Marinos Themistocleous ; Maria Papadaki. Cham : Springer, 2020. pp. 376-390 (Lecture Notes in Business Information Processing (LNBIP)).

@inproceedings{f39ee43b2cef4516bccc0c35abe5fcc1,

title = "A model for describing and maximising Security Knowledge Sharing to enhance security awareness",

abstract = "Employees play a crucial role in enhancing information security in the workplace, and this requires everyone having the requisite security knowledge and know-how. To maximise knowledge levels, organisations should encourage and facilitate Security Knowledge Sharing (SKS) between employees. To maximise sharing, we need first to understand the mechanisms whereby such sharing takes place and then to encourage and engender such sharing. A study was carried out to test the applicability of Transactive Memory Systems Theory in describing knowledge sharing in this context, which confirmed its applicability in this domain. To encourage security knowledge sharing, the harnessing of Self-Determination Theory was proposed— satisfying employee autonomy, relatedness and competence needs to maximise sharing. Such sharing is required to improve and enhance employee security awareness across organisations. We propose a model to describe the mechanisms for such sharing as well as the means by which it can be encouraged.",

author = "Saad Alahmari and Karen Renaud and Inah Omoronyia",

year = "2020",

month = jun,

day = "3",

doi = "10.1007/978-3-030-44322-1_28",

language = "English",

isbn = "9783030443214",

series = "Lecture Notes in Business Information Processing (LNBIP)",

publisher = "Springer",

pages = "376--390",

editor = "Marinos Themistocleous and Maria Papadaki",

booktitle = "Information systems",

note = "16th European, Mediterranean, and Middle Eastern Conference on Information Systems, EMCIS 2019 ; Conference date: 09-12-2019 Through 10-12-2019",

url = "https://web.archive.org/web/20190921174404/http://emcis.eu/",

}

Alahmari, S, Renaud, K & Omoronyia, I 2020, A model for describing and maximising Security Knowledge Sharing to enhance security awareness. in M Themistocleous & M Papadaki (eds), Information systems: 16th European, Mediterranean, and Middle Eastern Conference, EMCIS 2019, Dubai, United Arab Emirates, December 9–10, 2019, Proceedings. Lecture Notes in Business Information Processing (LNBIP), vol. 381, Springer, Cham, pp. 376-390, 16th European, Mediterranean, and Middle Eastern Conference on Information Systems, Dubai, United Arab Emirates, 9/12/19. https://doi.org/10.1007/978-3-030-44322-1_28

A model for describing and maximising Security Knowledge Sharing to enhance security awareness. / Alahmari, Saad; Renaud, Karen; Omoronyia, Inah.

Information systems: 16th European, Mediterranean, and Middle Eastern Conference, EMCIS 2019, Dubai, United Arab Emirates, December 9–10, 2019, Proceedings. ed. / Marinos Themistocleous; Maria Papadaki. Cham : Springer, 2020. p. 376-390 (Lecture Notes in Business Information Processing (LNBIP); Vol. 381).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A model for describing and maximising Security Knowledge Sharing to enhance security awareness

AU - Alahmari, Saad

AU - Renaud, Karen

AU - Omoronyia, Inah

N1 - Conference code: 16th

PY - 2020/6/3

Y1 - 2020/6/3

N2 - Employees play a crucial role in enhancing information security in the workplace, and this requires everyone having the requisite security knowledge and know-how. To maximise knowledge levels, organisations should encourage and facilitate Security Knowledge Sharing (SKS) between employees. To maximise sharing, we need first to understand the mechanisms whereby such sharing takes place and then to encourage and engender such sharing. A study was carried out to test the applicability of Transactive Memory Systems Theory in describing knowledge sharing in this context, which confirmed its applicability in this domain. To encourage security knowledge sharing, the harnessing of Self-Determination Theory was proposed— satisfying employee autonomy, relatedness and competence needs to maximise sharing. Such sharing is required to improve and enhance employee security awareness across organisations. We propose a model to describe the mechanisms for such sharing as well as the means by which it can be encouraged.

AB - Employees play a crucial role in enhancing information security in the workplace, and this requires everyone having the requisite security knowledge and know-how. To maximise knowledge levels, organisations should encourage and facilitate Security Knowledge Sharing (SKS) between employees. To maximise sharing, we need first to understand the mechanisms whereby such sharing takes place and then to encourage and engender such sharing. A study was carried out to test the applicability of Transactive Memory Systems Theory in describing knowledge sharing in this context, which confirmed its applicability in this domain. To encourage security knowledge sharing, the harnessing of Self-Determination Theory was proposed— satisfying employee autonomy, relatedness and competence needs to maximise sharing. Such sharing is required to improve and enhance employee security awareness across organisations. We propose a model to describe the mechanisms for such sharing as well as the means by which it can be encouraged.

U2 - 10.1007/978-3-030-44322-1_28

DO - 10.1007/978-3-030-44322-1_28

M3 - Conference contribution

SN - 9783030443214

T3 - Lecture Notes in Business Information Processing (LNBIP)

SP - 376

EP - 390

BT - Information systems

A2 - Themistocleous, Marinos

A2 - Papadaki, Maria

PB - Springer

CY - Cham

T2 - 16th European, Mediterranean, and Middle Eastern Conference on Information Systems

Y2 - 9 December 2019 through 10 December 2019

ER -

Alahmari S, Renaud K, Omoronyia I. A model for describing and maximising Security Knowledge Sharing to enhance security awareness. In Themistocleous M, Papadaki M, editors, Information systems: 16th European, Mediterranean, and Middle Eastern Conference, EMCIS 2019, Dubai, United Arab Emirates, December 9–10, 2019, Proceedings. Cham: Springer. 2020. p. 376-390. (Lecture Notes in Business Information Processing (LNBIP)). https://doi.org/10.1007/978-3-030-44322-1_28

A model for describing and maximising Security Knowledge Sharing to enhance security awareness

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this