Most Helpful Customer Reviews on Amazon.com (beta)
1 of 1 people found the following review helpful
Interesting, good to know, but lacks practicalityMarch 23 2006
Lea K. Kivi
- Published on Amazon.com
Angus McIlwraith's book "Information Security and Employee Behaviour" is interesting and well-written, but not enormously useful with regard to the practical matter of implementing a security awareness program.
The first section, "A Framework For Understanding", succeeds in presenting important individual and group psychological factors to consider when seeking to change employee behavior.
However, the second section, "A Framework For Implementation" just gives high-level implementation steps and then describes in great detail only two aspects of implementing a security awareness program - measuring awareness, and choosing delivery media. No practical methodologies are presented. One has the sense that there are several chapters missing. It would have been a more useful book if all five steps in developing an awareness program proposed by the author in chapter 4 had been elaborated upon.
If you are someone looking for practical help in putting together an entire security awareness program, by far the best book out there at this point is "Managing an Information Security and Privacy Awareness and Training Program by Rebecca Herold.