Is human the weakest link in information security? : systematic literature review
Authors
Date
2019
Copyright
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
This master's thesis examines the role of humans in information security and presents the best-known information security weaknesses. The thesis was carried out as a systematic literature review and seeks an answer to the research question "is human the weakest link in information security". The thesis consists of an analysis of 31 main articles and their sources, on the basis of which the claim or assumption that "human is the weakest link in information security" has been studied. The conclusions state that this claim and its various versions have been used very extensively in the information security literature, although scientific evidence of the role of the human as the weakest link was not found, or even sought, in the research. With this information, organizations are better able to see where their "weakest link" may be located, and also to treat the generalizations of the information security literature with some reservation. The thesis also presents example data breaches and analyzes their complexity.
...
This master’s thesis examines the role of humans in information security and presents the best-known information security threats. Based on a systematic literature review, the thesis seeks an answer to the research question “is human the weakest link in information security”. The thesis consists of an analysis of 31 main articles and their sources, on the basis of which the claim or assumption that “human is the weakest link in information security” has been studied. The study concludes that this phrase, as well as its various versions, has been used extensively in the security literature, although scientific evidence of the role of the human as the weakest link was not found in the research. With this information, organizations are better able to see where their weakest link might actually be located, and to treat the generalizations of the information security literature with some caution. The thesis also presents example data breaches and analyzes their complexity.
...
Collections
- Master's theses (Pro gradu -tutkielmat) [29044]