Search results

The purpose of this paper is to propose a framework to address the problem that email users are not well-informed or assisted by their email clients in identifying possible phishing attacks, thereby putting their personal information at risk. This paper therefore addresses the human weakness (i.e. the user’s lack of knowledge of phishing attacks which causes them to fall victim to such attacks) as well as the software related issue of email clients not visually assisting and guiding the users through the user interface.

A literature study was conducted in the main field of information security with a specific focus on understanding phishing attacks and a modelling technique was used to represent the proposed framework. This paper argues that the framework can be suitably implemented for email clients to raise awareness about phishing attacks. To validate the framework as a plausible mechanism, it was reviewed by a focus group within the School of Information and Communication Technology (ICT) at the Nelson Mandela Metropolitan University (NMMU). The focus group consisted of academics and research students in the field of information security.

This paper argues that email clients should make use of feedback mechanisms to present security related aspects to their users, so as to make them aware of the characteristics pertaining to phishing attacks. To support this argument, it presents a framework to assist email users in the identification of phishing attacks.

Future research would yield interesting results if the proposed framework were implemented into an existing email client to determine the effect of the framework on the user’s level of awareness of phishing attacks. Furthermore, the list of characteristics could be expanded to include all phishing types (such as clone phishing, smishing, vishing and pharming). This would make the framework more dynamic in that it could then address all forms of phishing attacks.

The proposed framework could enable email clients to provide assistance through the user interface. Visibly relaying the security level to the users of the email client, and providing short descriptions as to why a certain email is considered suspicious, could result in raising the awareness of the average email user with regard to phishing attacks.

This research presents a framework that email clients can use to identify common forms of normal and spear phishing attacks. The proposed framework addresses the problem that the average Internet user lacks a baseline level of online security awareness. It argues that the email client is the ideal place to raise the awareness of users regarding phishing attacks.

The purpose of this paper is to argue that information security should be regarded as a critical cross‐field outcome (CCFO). This could assist in narrowing the evident “information security gap” that currently exists in undergraduate information technology/information systems/computer science (IT/IS/CS) curricula at South African universities.

This paper briefly reviews existing literature relating to outcomes‐based education in South Africa with a specific focus on CCFOs. A literature review was also carried out to determine existing approaches to education in information security. A survey was carried out to establish the extent to which information security is currently incorporated into the IT/IS/CS curricula at South African universities and a discussion group was used to provide insight into the current situation at undergraduate level.

Education in information security has matured much more rapidly in postgraduate than in undergraduate programmes at South African universities. In addition, the extent to which information security is addressed at undergraduate level is on an ad hoc basis, with isolated attention being paid to a few information security aspects. An integrated approach to information security education is therefore proposed by considering information security as a CCFO.

Further research is required to determine how appropriate information security aspects can be seamlessly integrated into the various learning programmes at undergraduate level.

The proposed integrated approach to information security education will require that IT/IS/CS educators develop strategies to incorporate relevant information security aspects into their learning programmes.

This paper proposes an integrated approach to information security education by considering information security as a CCFO.

Despite ongoing reports of insider-driven leakage of confidential data, both academic scholars and practitioners tend to focus on external threats and favour information technology (IT)-centric solutions to secure and strengthen their information security ecosystem. Unfortunately, they pay little attention to human resource management (HRM) solutions. This paper aims to address this gap and proposes an actionable human resource (HR)-centric and artificial intelligence (AI)-driven framework.

The paper highlights the dangers posed by insider threats and presents key findings from a Leximancer-based analysis of a rapid literature review on the role, nature and contribution of HRM for information security, especially in addressing insider threats. The study also discusses the limitations of these solutions and proposes an HR-in-the-loop model, driven by AI and machine learning to mitigate these limitations.

The paper argues that AI promises to offer many HRM-centric opportunities to fortify the information security architecture if used strategically and intelligently. The HR-in-the-loop model can ensure that the human factors are considered when designing information security solutions. By combining AI and machine learning with human expertise, this model can provide an effective and comprehensive approach to addressing insider threats.

The paper fills the research gap on the critical role of HR in securing and strengthening information security. It makes further contribution in identifying the limitations of HRM solutions in info security and how AI and machine learning can be leveraged to address these limitations to some extent.

At a recent meeting of the Glasgow Grocers' and Provision Merchants' Association, it was alleged that there are provision merchants in Glasgow who are doing a large business in selling margarine as butter at 1s. 2d. per pound. In commenting upon this statement The Grocer very properly urges that the officials of the Association referred to should take prompt steps to place the facts in their possession before the Glasgow authorities and their officers, and observes that in certain cities and towns—Birmingham, for example—the grocers' associations have co‐operated with the authorities in their efforts to suppress illegal trading, particularly in regard to the sale of margarine as butter. It appears that one of the members of the Glasgow Association expressed the opinion that the Margarine Act has been a failure and that shopkeepers who sell margarine as butter should be charged with obtaining money under false pretences.

We confess that we get a little tired of the claims of originality put forward by librarians or their admirers, often for things that have been in use for a quarter of a century. The public events diary, exhibitions of holiday literature, this or that form of reading list, library lessons, and what not, all of which have been familiar to us since the beginning of the century, have all been claimed recently by some library or other which is “showing the way.” Originality, alas, is very rare; and the claim might be avoided we think. At the same time, we much prefer the librarian who faces a problem himself, and shouts with delight at his solution, to one who faces nothing.