Abstract
In this chapter we propose the fundaments of a design of an exploratory simulation of security management in a corporate environment. The model brings together theory and research findings on causes of information security risks in order to analyse diverse roles interacting through scripts. The framework is an adaptation of theoretical and empirical research in general crime prevention for the purposes of cybercrime. Its aim is to provide insights into the prerequisites for a more functional model (Information security; Conjunction of criminal opportunity; Crime scripts; Simulation).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Adams A, Sasse MA. Users are not the enemy: why users compromise security mechanisms and how to take remedial measures. Commun ACM. 1999;42:40–6. doi:10.1145/322796.322806.
Stajano F, Wilson P. Understanding scam victims: seven principles for systems security. Commun ACM. 2011;54:70–5. doi:10.1145/1897852.1897872.
Riegelsberger J, Sasse M, McCarthy J. The mechanics of trust: a framework for research and design. Int J Hum-Comput Stud. 2005;62:381–422. doi:10.1016/j.ijhcs.2005.01.001.
Beautement A, Sasse MA, Wonham M. The compliance budget: managing security behaviour in organisations. In: Proceedings of the 2008 workshop on New security paradigms. ACM, Lake Tahoe, California, USA, p. 47–58, doi:10.1145/1595676.1595684 NULL.
Collins BS, Mansell R. Cyber trust and crime prevention: A synthesis of the state-of-the-art science reviews. 2004. London, UK. http://eprints.lse.ac.uk/4252/. Accessed 16 Sept 2013.
Ekblom P. Happy returns: ideas brought back from situational crime prevention’s exploration of design against crime. In: Farrell G, Tilley N, editors. The Reasoning Criminologist: Essays in Honour of Ronald V. Clarke. Routledge, p 163–204; 2011.
Ekblom P. Crime prevention, security and community safety using the 5Is framework (Crime Prevention and Security Management). Palgrave Macmillan; 2010.
Cornish D. Crimes as scripts. In: Zahm D, Cromwell P, editors. Proceedings of the International Seminar on Environmental Criminology and Crime Analysis. Tallahassee: Florida Criminal Justice Executive Institute; 1994. p. 30–45.
Alexander C, Ishikawa S, Silverstein M. A pattern language: towns, buildings, construction. Later printing. Oxford: Oxford University Press; 1977.
Gamma E, Helm R, Johnson R, Vlissides J. Design patterns: elements of reusable object-oriented software, 1st ed. Addison-Wesley Professional; 1994.
Birks D, Townsley M, Stewart A. Generative explanations of crime: using simulation to test criminological theory. Criminology. 2012;50:221–54. doi:10.1111/j.1745-9125.2011.00258.x.
Cone B, Irvine CE, Thompson MF, Nguyen T. A video game for cyber security training and awareness. Comput Secur. 2007;26:63–72. doi:10.1016/j.cose.2006.10.005.
Schultz. A framework for understanding and predicting insider attacks. Comput Secur. 2002; 21:526–531, doi:10.1016/s0167-4048(02)01009-x.
Tuglular T, Spafford EH. A framework for characterisation of insider computer misuse; 1997.
Parker DB. Fighting computer crime: a new framework for protecting information. Wiley; 1998.
Ekblom P. Gearing up against crime: a dynamic framework to help designers keep up with the adaptive criminal in a changing world. Int J Risk Secur Crime Prev. 1997;2:249–65.
Ruskov M, Celdran JM, Ekblom P, Sasse MA. Unlocking the next level of crime prevention: development of a game prototype to teach the conjunction of criminal opportunity. Information Technologies and Control 8; 2013.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Ruskov, M., Ekblom, P., Sasse, M.A. (2014). Towards a Simulation of Information Security Behaviour in Organisations. In: Blackwell, C., Zhu, H. (eds) Cyberpatterns. Springer, Cham. https://doi.org/10.1007/978-3-319-04447-7_14
Download citation
DOI: https://doi.org/10.1007/978-3-319-04447-7_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-04446-0
Online ISBN: 978-3-319-04447-7
eBook Packages: Computer ScienceComputer Science (R0)