Security culture in corporate environments in the context of modern employee education methods
Abstract
Modern enterprises are entities particularly vulnerable to cyber threats linked to social engineering methods widely used by cyber criminals. Today, corporate environments often have to face almost daily attempts at data theft based on many derivatives of modern varieties of phishing, and one of the main ways to combat such threats remains employee education, which can take various forms. A human being is generally identified as the weakest element in the “security chain” of a given correctly configured IT system. This state of affairs is taken into account both by companies preparing educational programs and training for their employees on their own, and those that outsource such activities to external companies. Effective creation of the so-called “security culture” within the scope of a given corporation is an extremely challenging and highly nontrivial task, and this topic is relatively rarely discussed in specialized literature. Continuous revision of the means and methods of conducting programmatic training and simulations, and management of activities contributing to the co-creation of a healthy corporate environment with a satisfactory degree of resistance to external threats, should therefore be one of the main priorities of the units administering local incident prevention instruments within the scope of a given company.
Copyright (c) 2024 Ignatianum University in Cracow
This work is licensed under a Creative Commons Attribution 4.0 International License.
The Yearbook only accepts materials for publication that are free of all conflicts of interest, and that in no way involve conflicts over authorship, copyright, etc. The Editors will take action against any cases of plagiarizing, ghostwriting1, guest/honorary authorship2, etc. Where co-authored work is concerned, the Author listed first is expected to take responsibility for the submission, and is required to make clear the contributions of all of the Co-Authors involved. In the event of the publication owing its existence to funding dedicated to this purpose, this fact should be made clear: e.g. in any note of thanks/acknowledgement, or in a footnote, etc. Explicit notification should be given of any form of reprinting, with the appropriate evidence of permission to publish being furnished as required. Any impropriety on the part of Authors/Reviewers risks exposing them to appropriate responses from the relevant institutions.
______
1 This term refers to instances of a person who has made an essential contribution being omitted from the list of authors, or from notes conveying gratitude and/or acknowledgement.
2 This occurs when a person who has made either an insignificant contribution or no contribution at all nevertheless appears on the list of authors.