Dr. Mark Ciampa
Western Kentucky University
Phishing: Protecting Users Through Behavior Influencing Security Policies
Abstract
Computer security remains a fundamental problem for computer users and organizations. One of the most common types of attacks is "phishing," which is the act of tricking the user into divulging confidential information. Different strategies have been proposed to protect users from phishing. These include eliminating the threat, warning users about the threat, and training users to not provide confidential information. Each of these strategies has proven to be marginally effective. Some organizations are now using written security policies to influence user behavior in defending against phishing attacks. In this talk, we will discuss computer security: how we got to where we are today, phishing attacks and defenses, ineffectiveness of types of user training, how security policies play a role in organizations today, and various content elements of security policies and their effect on mitigating phishing attacks.
About the Speaker
Mark Ciampa is an Assistant Professor of Computer Information Systems at Western Kentucky University in Bowling Green, Kentucky and holds a PhD in Digital Communication Systems from Indiana State University. Prior to this he was an Associate Professor and served as the Director of Academic Computing at Volunteer State Community College in Gallatin, Tennessee for 20 years. Mark has worked in the IT industry as a computer consultant for the U.S. Postal Service, the Tennessee Municipal Technical Advisory Service, and the University of Tennessee. He is also the author of 19 technology textbooks, including Security+ Guide to Network Security Fundamentals 3ed, CWNA Guide to Wireless LANs 2ed, Guide to Wireless Communications, Security Awareness: Applying Practical Security In Your World, and Networking BASICS.