Buy Used
CDN$ 52.01
+ CDN$ 6.49 shipping
Used: Good | Details
Sold by anybookltduk
Condition: Used: Good
Comment: This is an ex-library book and may have the usual library/used-book markings inside.This book has hardback covers. In good all round condition. No dust jacket.
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

Information Security And Employee Behaviour: How to Reduce Risk Through Employee Education, Training And Awareness Hardcover – Feb 2006

See all 2 formats and editions Hide other formats and editions
Amazon Price
New from Used from
Kindle Edition
"Please retry"
"Please retry"
CDN$ 180.65 CDN$ 52.01

Save an Additional 10% on Textbooks When you Join Amazon Student

No Kindle device required. Download one of the Free Kindle apps to start reading Kindle books on your smartphone, tablet, and computer.

  • Apple
  • Android
  • Windows Phone
  • Android

To get the free app, enter your e-mail address or mobile phone number.

Product Details

  • Hardcover: 169 pages
  • Publisher: Gower Pub Co; New edition edition (February 2006)
  • Language: English
  • ISBN-10: 0566086476
  • ISBN-13: 978-0566086472
  • Product Dimensions: 1.9 x 17.1 x 24.8 cm
  • Shipping Weight: 381 g
  • Average Customer Review: Be the first to review this item
  • Amazon Bestsellers Rank: #2,694,972 in Books (See Top 100 in Books)
  •  Would you like to update product info, give feedback on images, or tell us about a lower price?

  • See Complete Table of Contents

Product Description


'McIlwraith's message is important. His writing is interesting and clear. His suggestions are useful. His book is recommended for anyone with either a specific obligation for awareness training, or overall responsibility for security management.' Robert M. Slade, Victoria Tele-community Network, Canada 'Information is every organisation's most prized asset. This book will be essential reading for organisations which, although content with the technical security measures in place, nonetheless have concerns over whether their staff have sufficient understanding of this area.' Information Security Specialist Group Magazine '...provides a very pragmatic solution, improving strategies and techniques for educating and training employees in information security, and explains how different metrics can be used to assess awareness and behavior. It is a worthwhile reading book and a must for every business library.' Educational Book Review, India

About the Author

Angus McIlwraith has worked in the field of Information Security and Business Control for 20 years. He has for many years held (and broadcast) the view that Information Security is not making best use of time and resources by failing to address some fundamental issues. By not doing so, time and money is wasted; in some extreme circumstances, lives are being put at risk unnecessarily. Angus' professional experience was gained mainly in Financial Services. He has worked for Lloyds Bank, American Express, NatWest Bank and Standard Life, as well as working as a consultant to a wide range of international organisations. He has spoken at many conferences, including numerous Information Security Forum (ISF) Congresses, the London based COMPSEC conference, the Institute of Internal Auditors annual conference and the British Computer Society Information Security Specialist Group (BCS ISSG). Angus was an elected Member of the ruling Council of the ISF for eight years and was a member of the UK based Banking Information Security Expert Panel (BISEP). He writes regularly for many publications. He held a monthly column in Information Security Management magazine, and provided a monthly piece in Secure Computing magazine for many years.

Inside This Book

(Learn More)
First Sentence
Most people react to risk in an emotional manner. Read the first page
Explore More
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Customer Reviews

There are no customer reviews yet on
5 star
4 star
3 star
2 star
1 star

Most Helpful Customer Reviews on (beta) HASH(0xa2124870) out of 5 stars 1 review
1 of 1 people found the following review helpful
HASH(0xa2127bd0) out of 5 stars Interesting, good to know, but lacks practicality March 23 2006
By Lea K. Kivi - Published on
Format: Hardcover Verified Purchase
Angus McIlwraith's book "Information Security and Employee Behaviour" is interesting and well-written, but not enormously useful with regard to the practical matter of implementing a security awareness program.

The first section, "A Framework For Understanding", succeeds in presenting important individual and group psychological factors to consider when seeking to change employee behavior.

However, the second section, "A Framework For Implementation" just gives high-level implementation steps and then describes in great detail only two aspects of implementing a security awareness program - measuring awareness, and choosing delivery media. No practical methodologies are presented. One has the sense that there are several chapters missing. It would have been a more useful book if all five steps in developing an awareness program proposed by the author in chapter 4 had been elaborated upon.

If you are someone looking for practical help in putting together an entire security awareness program, by far the best book out there at this point is "Managing an Information Security and Privacy Awareness and Training Program by Rebecca Herold.