HYPNO-ANDRAGOGY 2.0: TRANSFORMATION OF LEARNING PROCESS USING HYPNOSIS METHOD IN ANDRAGOGY CLASS

It turns out that the technique of teaching in the Andragogy class is very different from the teaching techniques in the Paedagogy class. Note in our previous research there are some trainers who only master substantial competence, but donot master the andragogy. As a result there are trainees who experience the state of Futur while in the classroom. Other significant findings such as in BLC (Building Learning Commitment) classes, where trainees are rather slow in making decisions in the classroom. Their decision-making time below average time. We did research on 6 classes in year 2017. These findings can be solved by the hypno-andragogy method. Hypno-Andragogy is a learning process technique that in delivering the subject matter using communication techniques that are very persuasive and suggestive with the aim that trainees easily understand and feel comfortable in the classroom. In this version 2.0 there is a change in step 4th and 7th. That are Positive vibes with positive self-talk and self-healing using Simple-TRE (Tension and Trauma Releasing Exercise) technique. The use of Hypno-Andragogy methods in the classroom can help create a more effective learning process. Thus, according to the outcomes we expect, the atmosphere in the class becomes more conducive. Class more secure and comfortable. Well motivated trainees. Easy to accept and understand the learning materials so that learning objectives can be achieved

Incorporating Global Information Security and Assurance in I.S. Education

Over the years, the news media has reported numerous information security incidents. Because of identity theft, terrorism, and other criminal activities, President Obama has made information security a national priority. Not only is information security and assurance an American priority, it is also a global issue. This paper discusses the importance of Global Information Security and Assurance in information systems (IS) education. Current university graduates will become tomorrow’s users and protectors of data and systems. It is important for universities to provide training in security and assurance of information systems. Are students getting adequate education in this area? If not, this leaves them ill-prepared for the needs of the workplace. The security of our information systems needs to be a major concern for educators and corporate leaders. We recommend that instruction in security and assurance be a core component of the curriculum for all IS and business students. The purpose of this special issue is to provide insights, ideas, and practical tips from IS educators and professionals. Along with the academic papers in this issue, a new section was added, advisory from professionals. Just as a university information systems department has an advisory board of professionals, this new section provides an advisory to academics; professionals provide insights into the corporate world and they need

Measuring An Information Security Awareness Program

Research shows security awareness lacks a uniform definition. This paper explores the various attempts that have been made to define security awareness and then presents a clear and concise definition of security awareness. Due to the lack of a behaviorally-oriented measurement, security awareness has relied on the use of self-reported questionnaires and surveying users through this same type of instrument. These attempts assume that knowledge of security awareness leads to correspondingly correct behavior, without attempting any field validation that this paradigm holds true. This paper goes beyond self-reporting and measures the behavior of end-users. It compares that behavior with policy to determine the actual compliance percentage and draws conclusions from these results

Measuring An Information Security Awareness Program

Research shows security awareness lacks a uniform definition. This paper explores the various attempts that have been made to define security awareness and then presents a clear and concise definition of security awareness. Due to the lack of a behaviorally-oriented measurement, security awareness has relied on the use of self-reported questionnaires and surveying users through this same type of instrument. These attempts assume that knowledge of security awareness leads to correspondingly correct behavior, without attempting any field validation that this paradigm holds true. This paper goes beyond self-reporting and measures the behavior of end-users. It compares that behavior with policy to determine the actual compliance percentage and draws conclusions from these results

Aligning Security Awareness With Information Systems Security Management

This paper explores the way information security awareness connects to the overall information security management framework it serves. To date, the formulation of security awareness initiatives has tended to ignore the important relationship with the overall security management context, and vice versa. In this paper we show that the two processes can be aligned so as to ensure that awareness activities serve the security management strategy and that security management exploits the benefits of an effective awareness effort. To do so, we analyze the processes of security awareness and security management using a process analysis framework and we explore their interactions. The identification of these interactions results in making us able to place awareness in a security management framework instead of viewing it as an isolated security mechanism

Evaluating Cyber Security Awareness Levels For Employees In DRB-Hicom Auto Solutions

The Internet is becoming increasingly connected to people in the daily life of many individuals, organisations and nations. It has benefit many people and gives a positive effect on the way people communicate. It has also introduced new avenues for business and has offered nations an opportunity to be involved in an online business. Although cyberspace offers a borderless list of services and opportunities, it is also accompanied by many risks. One of these risks is cyber attack. In an organisation, most of the cyber-attacks are email phishing, ransomware and data leaking. As concluded by many researchers that those use the Internet are not aware of such threats. In view of this, there is a need for an effective of cyber security awareness training that is custom-made according to the level of user knowledge. In this context, the primary research objective of this study is to understand the level of awareness and propose a training model to the organisation. Respondents were required to feedback their level of awareness for email phishing, cyber fraud, ransomware, social engineering and data leak. The total of 108 respondents were involved in this study and the finding shows that the awareness level is quite low for social engineering and cyber fraud attacks for almost all group age, job category and length of service. (Abstract by author

IMPLEMENTATION CHALLENGES FOR INFORMATION SECURITY AWARENESS INITIATIVES IN E-GOVERNMENT

With the widespread adoption of electronic government services, there has been a need to ensure a seamless flow of information across public sector organizations, while at the same time, maintaining confidentiality, integrity and availability. Governments have put in place various initiatives and programs including information security awareness to provide the needed understanding on how public sector employees can maintain security and privacy. Nonetheless, the implementation of such initiatives often faces a number of challenges that impede further take-up of e-government services. This paper aims to provide a better understanding of the challenges contributing towards the success of information security awareness initiatives implementation in the context of e-government. Political, organizational, social as well as technological challenges have been utilized in a conceptual framework to signify such challenges in e-government projects. An empirical case study conducted in a public sector organization in Greece was exploited in this research to reflect on these challenges. While, the results from this empirical study confirm the role of the identified challenges for the implementation of security awareness programs in e-government, it has been noticed that awareness programmers often pursue different targets of preserving security and privacy, which sometimes results in adding more complexity to the organization

Securing Personal Information Assets: Testing Antecedents of Behavioral Intentions

Due to the increased global reliance on information technology, and the prominence of information resources value, identity theft is a problem domain effecting millions of computer users annually. The realities of identity theft are highly visible in the global media, although empirical investigations on the topic are limited. The purpose of this study is to identify and analyze perceptions of personal information (e.g., identity) as it relates to perceived threats, mitigation, perceived risks, and intended safe information practice intentions. We propose a risk analysis model based on theoretical variables that have been researched and extensively used in both government and private sector organizations. The model is empirically tested using LISREL to perform structural equation modeling. Findings indicate support for a relationship between risk and both 1) behavioral intentions to perform safe information practices and 2) personal information asset value

Decentralized Telemedicine Framework for a Smart Healthcare Ecosystem

The healthcare sector is one of the most rapidly growing sectors globally. With the ever-growing technology, patient care, regulatory compliance, and digital transformation, there is an increased need for healthcare sectors to collaborate with all stakeholders – both within the healthcare ecosystem and in concurring industries. In recent times, telemedicine has proven to provide high quality, affordable, and predominantly adapted healthcare services. However, telemedicine suffers from several risks in implementation, such as data breach, restricted access across medical fraternity, incorrect diagnosis and prescription, fraud, and abuse. In this work, introduce blockchain-based framework that would unlock the future of the healthcare sector and improved services. Our proposed solution utilizing Ethereum smart contracts to develop a transparent, tamper-proof telemedicine healthcare framework, and ensure the integrity of sensitive patient data eliminating a central administrator. Moreover, the smart contract regulates the interaction between all the parties involved in the network and keeps the patient meticulously informed about the transactions in the network