Abstract
This paper addresses the importance of continuously evaluating an organization's awareness program and provides guidelines that will help organizations assess their efforts, extending the authors' work in [1]. The proposed methodology evaluates an awareness program considering the most common and essential methods used for delivering awareness material. Key awareness-related processes and accompanying quantitative metrics are identified, along with a methodology for dynamically evaluating the metrics and the overall awareness program as a whole. A software tool is developed, to facilitate the deployment and maintenance of the assessment methods and to formalize their aggregation and evaluation. An organization's security awareness posture is modelled as a dynamic system and the awareness level is calculated and monitored through time via Event Calculus. Furthermore, the tool can be deployed in a multi-agent form, to enable its use by organizations operating through remote offices and distributed locations. © 2014 Springer International Publishing.
Author supplied keywords
Cite
CITATION STYLE
Manifavas, C., Fysarakis, K., Rantos, K., & Hatzivasilis, G. (2014). DSAPE - Dynamic Security Awareness Program Evaluation. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8533 LNCS, pp. 258–269). Springer Verlag. https://doi.org/10.1007/978-3-319-07620-1_23
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
