[Cialug] (no subject)

Josh More MoreJ at alliancetechnologies.net
Wed Jan 19 11:39:33 CST 2011


I completed my paper based on the survey I had sent out a few months back.  To put it very succinctly, I have long wondered why small businesses do not suffer more security breaches than they do.  As a group, they tend to have sloppy operations practices and poor to nonexistent controls.  While they are a smaller and less-tempting target, that alone doesn't seem to explain the lack of problems.  One thing that might is the tendency for people at lower risk to compensate for that lower risk by taking larger personal risks.  So I decided to study the variables of psychological control within an information security context.  The conclusions were somewhat surprising... but that may be due to the limited sample set.

If you are interested in Likert scales, psychology or academic analysis of information security, the paper is available here:  http://www.sans.org/reading_room/whitepapers/awareness/measuring-psychological-variables-control-information-security_33594 .

If you like, you can just jump down to pages 26-28 and get my conclusions

If you don't care about any of that stuff, this site has kittens:  http://kittenwar.com/   ;)



Josh More | Senior Security Consultant - CISSP, GIAC-GSLC Gold, GIAC-GCIH
Alliance Technologies | www.AllianceTechnologies.net<http://www.AllianceTechnologies.net>
400 Locust St., Suite 840 | Des Moines, IA 50309
515.245.7701 | 888.387.5670 x7701

Blog: Not The Usual Security Predictions: 2011
http://www.alliancetechnologies.net/blogs/morej

How are we doing? Let us know here:
http://www.alliancetechnologies.net/forms/alliance-technologies-feedback-survey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cialug.org/pipermail/cialug/attachments/20110119/191d42a2/attachment.htm 


More information about the Cialug mailing list