[ No Description ]
This book intends to promote participation from all employees in terms of practicing information security activities within workplace. Firstly, employees’ information security perception need to evolve from delegating information security responsibilities to technical personnel alone. In short, everyone is responsible to perform necessary security tasks in their job specification. This can help to change motto from “they” (i.e. technical staff) to “all of us” (i.e. all employees) are accountable with regards to information security practices in the organisation. Secondly, once job specification has included basic information security tasks to all employees as a part of their work routines, then everyone can recognise their responsibilities and roles in information security matters. As a result, participation from all employees can encourage an establishment of appropriate information security culture among all organisational members. Thirdly, when all employees know their security work routines, it can help to increase security precautions within an organisation and act as a human firewall which can help reduce internal security incidents. As last remark, human firewall can be the ultimate defence in information security management in terms of protecting organisational assets from threats.