Details

Pristop za ozaveščanje zaposlenih na področju kibernetske varnosti
ID Keber, Matija (Author), ID Vavpotič, Damjan (Mentor) More about this mentor... This link opens in a new window, ID Fujs, Damjan (Comentor)

.pdfPDF - Presentation file, Download (511,49 KB)
MD5: 56FBD8C545DE48600FA87B0843DBD598

Abstract
Vedno večja odvisnost družbe od informacijskih tehnologij prinaša tudi povečano tveganje kibernetskih napadov. Ti se pogosto ne osredotočajo zgolj na tehnične pomanjkljivosti, temveč ciljajo na uporabnike -- najšibkejši člen sistema. Čeprav lahko varnostne grožnje delno preprečimo s strojno in programsko opremo, je ključno, da so uporabniki izobraženi o socialnem inženiringu, znajo prepoznati nevarnosti, se ustrezno odzvati ter vedo, na koga se obrniti v primeru incidenta. Naš cilj je čim bolj učinkovito ozaveščanje uporabnikov. Razvili smo pristop, ki vključuje takojšnje izobraževanje ob kliku na zlonamerno povezavo ter interaktivno igro vlog v obliki kvizov s povratnimi informacijami. Uporabnikom posredujemo tako generična kot ciljno usmerjena sporočila, saj želimo doseči večjo osebno povezanost z izobraževalnim procesom. Učinkovitost pristopa smo preizkusili v eksperimentu, izvedenem v izbranem slovenskem podjetju. Rezultati bodo podali vpogled v trenutno stanje znanja zaposlenih ter ocenili uporabnost našega pristopa za nadaljnje izobraževalne kampanje.

Language:Slovenian
Keywords:spletno zvabljanje, kibernetska varnost, ozaveščanje zaposlenih
Work type:Bachelor thesis/paper
Typology:2.11 - Undergraduate Thesis
Organization:FRI - Faculty of Computer and Information Science
Year:2025
PID:20.500.12556/RUL-167290 This link opens in a new window
COBISS.SI-ID:226308099 This link opens in a new window
Publication date in RUL:13.02.2025
Views:549
Downloads:130
Metadata:XML DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Secondary language

Language:English
Title:Approach to raising employee awareness of cyber security
Abstract:
Society's increasing dependence on IT has brought with it an increased risk of cyber-attacks. These often target users - the weakest link in the system - rather than just technical weaknesses. Although security threats can be partially prevented by hardware and software, it is crucial that users are educated about social engineering, know how to identify threats, react appropriately and know who to contact in the event of an incident. Our aim is to raise awareness in the most effective way possible. We have developed an approach that includes instant education when a malicious link is clicked, and interactive role-playing in the form of quizzes with feedback. We deliver both generic and targeted messages to users, as we aim to achieve greater personal engagement with the educational process. We will test the effectiveness of the approach in an experiment carried out in a selected Slovenian company. The results will provide insights into the current state of knowledge of employees and assess the usefulness of our approach for further educational campaigns.

Keywords:phishing, cyber security, employee awareness

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back