ISSN: 2222-6990
Open access
Information security has always been an important requirement for the business. Such assets can be broken down into three main areas, namely people, process and technologies. The Internet, the proliferation of the web, networks and the ever-growing presence of innovation have triggered profound changes to procedures that are integral in individual and institutional routines. Such technological changes have led to an increase of competitiveness which decentralization and have contributed to the need for leadership, command, security, information and knowledge safety. The article presents the findings of an information security investigation, which examines the involvement with human aspects in the field of information security and knowledge management. The implication is that the "people" component is an important variable, even crucial, for the management of information security in organizations. It can be concluded that the human element is an important, perhaps crucial, parameter for the management of corporate information security.
Aronovish, A. (2018). Why Educating Your Employees on Cyber Intelligence And Security Will Reduce Risk. Retrieved April 2020, from:
https://www.cybintsolutions.com/employee-education-reduces-risk/
Allen, B. L. (1996). Toward a user-centered approach to information systems. Los Angeles: Academic Press.
Alevriadou, A., & Massi, M. (2013). An Intervention Program Related to Reading Development – A Case Study of a Child with Williams Syndrome. Multilingual Academic Journal of Education and Social Sciences, 1(1), 86–100.
Beautement, A., & Sasse, A. (2009). The economics of user effort in information security. Computer Fraud and Security. https://doi.org/10.1016/S1361- 3723(09)70127-7
Colwill, C. (2009). Human factors in information security: The insider threat - Who can you trust these days? Information Security Technical Report.
https://doi.org/10.1016/j.istr.2010.04.004
Cyber Security Malaysia. (2010). MS ISO/IEC 27001:2007 Information Security Management System (ISMS) Implementation, ed. Malaysia: Cyber Security Malaysia
Da Veiga, A., & Martins, N. (2015). Information security culture and information protection culture: A validated assessment instrument. Computer Law and Security Review. https://doi.org/10.1016/j.clsr.2015.01.005
Everett, C. (2008). The right medicine. Infosecurity. https://doi.org/10.1016/S1754- 4548(08)70149-9
Haris@Harib, A. R., Sarijan, S., & Hussin, N. (2017). Information Security Challenges: A Malaysian Context. International Journal of Academic Research in Business and Social Sciences. https://doi.org/10.6007/ijarbss/v7-i9/3335
Kraemer, S., Carayon, P., & Clem, J. (2009). Human and organizational factors in computer and information security: Pathways to vulnerabilities. Computers and Security. https://doi.org/10.1016/j.cose.2009.04.006
Marchionini, G. (1998). Digital Library Research and Development. Encyclopedia of Library and Information Science, 63, 611-19
Sveen, F. O., Torres, J. M., & Sarriegi, J. M. (2009). Blind information security strategy. International Journal of Critical Infrastructure Protection. https://doi.org/10.1016/j.ijcip.2009.07.003
Workman, M. (2008). Wisecrackers: A theory-grounded investigation of phishing and pretext social engineering threats to information security. Journal of the American Society for Information Science and Technology. https://doi.org/10.1002/asi.20779
Van Niekerk, J. F., & Von Solms, R. (2010). Information security culture: A management perspective. Computers and Security.
https://doi.org/10.1016/j.cose.2009.10.005
Wilson, T.D. (2006b). Revisiting user studies and information needs. Journal of Documentation, 62, 680-684
Fenz, S., Neubauer, T., Accorsi, R., Koslowski, T., (2013). Forisk: formalizing information security risk and compliance management. In: 43rd. Annual IEEE/IFIP Conference on Dependable System and Network Workshop, 1-4. Retrieved April 2020, from: https://ieeexplore.ieee.org/document/6615533
Harib, A. R. H., Sarijan, S., & Hussin, N. (2017). Information security challenges: a malaysian context. International Journal of Academic Research in Business and Social Sciences, 7(9), 2222-6990.
Tarun, R. (2018). A Layered Approach to Cybersecurity: People, Processes, and Technology. Interconnecting Business and Cybersecurity. Retrieved April 2020, from: https://www.csoonline.com/article/3326301/a-layered-approach-to-cybersecurity-people-processes-and-technology.html
Kadir, M. R. A., Johari, N. I. S., & Hussin, N. (2018). Information Needs and Information Seeking Behaviour: A Case Study on Students in Private University Library. International Journal of Academic Research in Progressive Education and Development, 7(3), 226–235.
In-Text Citation: (Kamarulzaman, et. al., 2020)
To Cite this Article: Kamarulzaman, M. S., Hussin, N., Shoid, M. S. M., Ab Rahman, A., Ahmad, M. N., & Abdul Aziz, R. (2020). Information and Knowledge Management in The Scope of The Information Security Practices: The Human Factor within Organizations. International Journal of Academic Research in Business and Social Sciences. 10(11), 1102-1112.
Copyright: © 2020 The Author(s)
Published by HRMARS (www.hrmars.com)
This article is published under the Creative Commons Attribution (CC BY 4.0) license. Anyone may reproduce, distribute, translate and create derivative works of this article (for both commercial and non-commercial purposes), subject to full attribution to the original publication and authors. The full terms of this license may be seen at: http://creativecommons.org/licences/by/4.0/legalcode