Is human the weakest link in information security? : systematic literature review
Tämä pro gradu -tutkielma tutkii ihmisen roolia tietoturvassa sekä esittää tunnetuimpia tietoturvaheikkouksia. Tutkielma on toteutettu systemaattisen kirjallisuuskatsauksen keinoin ja siinä etsitään vastausta tutkimuskysymykseen ”onko ihminen tietoturvan heikoin lenkki”. Tutkielma koostuu 31 pääartikkelin, sekä niiden lähteiden analyysistä, joiden pohjalta on tutkittu väitettä tai oletusta, jonka mukaan ”ihminen on tietoturvan heikoin lenkki”. Tutkimuksen johtopäätöksissä todetaan, että kyseistä väitettä, sekä sen eri versioita on käytetty hyvin laajamittaisesti tietoturvakirjallisuudessa, vaikka tieteellistä näyttöä ihmisen roolista heikoimpana lenkkinä ei tutkimuksessa löydetty tai edes pyritty löytämään. Tämän tiedon avulla organisaatiot pystyvät yhä paremmin näkemään, missä organisaatioiden ”heikoin lenkki” mahdollisesti sijaitsee, sekä myös suhtautumaan tietoturvakirjallisuuden yleistyksiin pienellä varauksella. Tässä tutkielmassa esitellään myös esimerkki tietomurtoja, sekä analysoidaan niiden kompleksisuutta.
...
This master’s thesis examines the role of human in the information security and presents the most known information security threats. Based on a systematic literature review, this thesis tries to find an answer to the research question: ”is human the weakest link in information security”. The thesis consists of an analysis of 31 main articles and their sources on the basis of which the claim or assumption “human is the weakest link in information security” has been studied. The study concludes that this phrase, as well as its various versions, has been used extensively in security literature, although scientific evidence on the role of human as the weakest link was not found in the research. With this information, organizations are increasingly more capable to see where the organizations' weakest link might actually be located, and also to take a general view of the generalization of information security literature. This thesis also introduces an example of data breaches, and analyzes their complexity.
...
Keywords
Metadata
Show full item recordCollections
- Pro gradu -tutkielmat [29740]
License
Related items
Showing items with similar title or keywords.
-
Trends for the DevOps Security : A Systematic Literature Review
Leppänen, Tiina; Honkaranta, Anne; Costin, Andrei (Springer International Publishing, 2022)Due to technical advances, old ways for securing DevOps software development have become obsolete. Thus, researchers and practitioners need new insights into the security challenges and practices of DevOps development. ... -
Etic and emic data production methods in the study of journalistic work practices : A systematic literature review
Haapanen, Lauri; Manninen, Ville JE (SAGE Publications, 2023)This methodological paper discusses the application of etic and emic perspectives in producing data sets for the study of journalistic praxis. The concepts refer to the researcher-analyst’s and the practitioner-informant’s ... -
Artificial Intelligence for Cybersecurity : A Systematic Mapping of Literature
Wiafe, Isaac; Koranteng, Felix N.; Obeng, Emmanuel N.; Assyne, Nana; Wiafe, Abigail; Gulliver, Stephen R. (IEEE, 2020)Due to the ever-increasing complexities in cybercrimes, there is the need for cybersecurity methods to be more robust and intelligent. This will make defense mechanisms to be capable of making real-time decisions that can ... -
Living alone and positive mental health : a systematic review
Tamminen, Nina; Kettunen, Tarja; Martelin, Tuija; Reinikainen, Jaakko; Solin, Pia (BioMed Central, 2019)Background: Living alone has become more common in today’s societies. Despite the high number of the population living alone, research directed towards the mental wellbeing issues related to living alone has been limited. ... -
How pedagogical agents communicate with students : A two-phase systematic review
Sikström, Pieta; Valentini, Chiara; Sivunen, Anu; Kärkkäinen, Tommi (Elsevier, 2022)Technological advancements have improved the capabilities of pedagogical agents to communicate with students. However, an increased use of pedagogical agents in learning environments calls for a deeper understanding of ...