Using Theories and Best Practices to Bridge the Phishing Gap
Authors
Abstract
Phishing is a mounting security problem that organisations and users continue to face. Organisations generally apply a single-layer level of defence against information security threats, which includes phishing. This single-layer level of defence is certainly not adequate against modern-day phishing attacks. It is essential for organisations to implement a holistic approach, while considering human factors, organisational aspects and technological controls to combat phishing threats. However, in each of these three elements, weaknesses arise as each is linked by means of human involvement. As a result, this approach creates a gap for successful phishing attacks to potentially compromise these elements. This paper suggests possible linkages to cover the ‘gaps’ between each of these elements. More understanding is necessary on how these linkages can be managed more appropriately. As such, this paper introduces possible theories and best practices which can be used to understand and address each of these linkages and therefore attempts to bridge the phishing gap by strengthening the human element.
Similar resources
The relationship between physicians' perceptions of evidence-based practices and high-performance human resource management practices and their perceptions of service-oriented climate (case study: physicians of Isfahan health centres)
Introduction: Recently, the gap between academic theories of health management and human resource management as well as their organizational consequences has been appraised. In response, some theories claiming they have achieved the best practice (bridging theory and practice) have been presented. The present study aimed to investigate the relationship between evidence-based practice (EBP) and...
Fighting phishing at the user interface
The problem that this thesis concentrates on is phishing attacks. Phishing attacks use email messages and web sites designed to look as if they come from a known and legitimate organization, in order to deceive users into submitting their personal, financial, or computer account information online at those fake web sites. Phishing is a semantic attack. The fundamental problem of phishing is tha...
Evaluation of Corporate Governance Practices in Emerging Markets (A case study of Nigerian Banking Industry)
This study explores corporate governance practices within the context of the Nigerian banking industry using instances of corporate governance lapses that resulted in part to the Nigerian banking crises. We present multiple case analysis of publicly available documents and court papers (in the United Kingdom and Nigeria) to document instances of breach and areas of weakness in the existing Nige...
Phishing website detection using weighted feature line embedding
The aim of phishing is tracing the users' private information without their permission by designing a new website which mimics the trusted website. The specialists of information technology do not agree on a unique definition for the discriminative features that characterize the phishing websites. Therefore, the number of reliable training samples in phishing detection problems is limited. M...
Journal title:
Volume, issue
Pages -
Publication date: 2013