In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
European Information Security Multi-Conference (EISMC 2013)
Title: An Analysis of Information Security Vulnerabilities at Three Australian Government Organisations
Author(s): Kathryn Parsons, Agata McCormac, Malcolm Pattinson, Marcus Butavicius, Cate Jerram
Keywords: Information security (InfoSec), InfoSec behaviour, Information Risk, InfoSec awareness, InfoSec vulnerabilities
Abstract: This paper reports on a study conducted by The University of Adelaide with the support of the Defence Science and Technology Organisation, to examine information security (InfoSec) vulnerabilities caused by individuals, and expressed by their knowledge, attitude and behaviour. A total of 203 employees, from three large Australian government organisations, completed a web-based questionnaire designed to capture the knowledge, attitude and behaviour of individuals in regard to InfoSec. In conjunction with this employee questionnaire, qualitative interviews were conducted with a small number of senior management employees from each of the three organisations. Overall, the questionnaire results indicated that employees from all three organisations had reasonable levels of awareness of InfoSec vulnerabilities. Analysis of the qualitative interviews revealed that management not only had an accurate understanding of their employees' InfoSec awareness, but were able to recognise vulnerable areas that required further attention and improvement, such as the appropriate use of wireless technology, the reporting of security incidents and the use of social networking sites.
Download count: 1631
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.