Hacker Public Radio

HPR4615: Clicking through an audit



This show has been flagged as Explicit by the host.

ISO 27001

from Wikipedia.org:

ISO/IEC 27001 is an information security standard. It specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS). Organizations with an ISMS that meet the standard's requirements can choose to have it certified by an accredited certification body following successful completion of an audit.


Information security audit

from Wikipedia.org:

An information security audit is an audit of the level of information security in an organization. It is an independent review and examination of system records, activities, and related documents. These audits are intended to improve the level of information security, avoid improper information security designs, and optimize the efficiency of the security safeguards and security processes.


Factors contributing to cybersecurity fatigue

Source: Adapted from Factors contributing to cybersecurity fatigue by L. J. J. S. (2024), Abertay University.

Available at:
https://rke.abertay.ac.uk/en/publications/factors-contributing-to-cybersecurity-fatigue/

In cloud-based environments, the push for high-security standards often leads to "cybersecurity fatigue," which creates unintended psychological strain on employees.

  • Constant interruptions from repetitive access requests.
  • Overload of security checks and decision fatigue.
  • Lack of clear understanding regarding actual cybersecurity risks.

  Impact on Behavior
  • Fatigue frequently leads to negative outcomes, including the bypassing of security protocols, abandonment of necessary tasks, and total disengagement from mandatory training.

  Key Concept
  • The study highlights "attitudinal fatigue" (an employee's negative mindset toward security) as a major barrier to organizational resilience and compliance.

  Strategic Recommendations:
  • Transition to "contextualized training" that uses relatable, real-world scenarios.
  • Streamline security workflows to minimize disruption to daily productivity.
  • Develop targeted interventions.

National Institute of Standards and Technology

2011 Report: Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations


(Tangentially) related episodes
  • hpr3779 :: Just Because You Can Do a Thing... - Trey
  • hpr0061 :: Punk Computing - Klattu
  • hpr0002 :: Customization the Lost Reason - Deepgeek

