What makes an information security training project successful?

Keywords: project management, IT security, e-learning, information security training

Abstract

Nowadays project management is a very important part of corporate culture. Organizations recognize that a modern and economical organization cannot be run and maintained without project management. Competitiveness requires processes to be planned, executed, checked and supervised; a basis for the survival of organizations is project management. In large international corporations and organizations, project planning has been considered important for a long time and in Hungary its importance is starting to be recognized. The Hungarian government has worked out an Infocommunications State Secretariat project management methodology in public administration and makes countless recommendations for organizing and running public administration organizations. Nowadays in state organizations, project management methodologies and their application is standard practice. IT security is keeping the IT components of organizational activities in the proper condition to achieve the goals. Security is an essential element of corporate operation – in an organization it is just as important as business conditions. Security is a complex concept; the individual areas are closely related and connected and depend on each other. Information security protects information from many threats (fire, water, other natural disasters, computer hacking, sabotage, software and hardware errors due to improper handling, viruses etc.) in order to ensure business continuity, minimize damage to business, and maximise the possibility of business and return on investment. The paper shows the tasks of project management through an information security training project, using concrete examples. All the selected examples have project-based planning and introduction, and represent project management-based thinking, but taking into account local expectations and exceptions.

Author Biography

Zsolt Szabó, Doctoral School on Safety and Security Sciences, Óbuda University

My name is Zsolt Szabó from University of Óbuda. I am a second-year correspondence PhD student in the Doctoral School on Safety and Security Sciences, Óbuda University. The title of my research topic is: the economic effects of global ageing on social pension security. My fields of research are economic policy, behavioral economics and information security of public organizations.

References

[1] Zs. Szabó (2017): The Information Security and IT Security Questions of Pension Payment. In: Lucia Figuli, Pavel Manas, Alexander N Kravcov, Václav Pospíchal, Bohuš Leitner, Pavel Svoboda (editor) Structural and Mechanical Engineering for Security and Prevention: ICSMESP 2017. Prague, Czech Republic. 2017.06.14-2017.06.16. Prague: Trans Tech Publications. 2017. pp. 322-327.
[2] P. Michelberger, Cs. Lábodi (2012): After Information Security - Before a Paradigm Change: A complex Enterprise Security Model. Acta Polytechnica Hungarica 9:(4). pp. 101-116.
[3] Michelberger, P. (2015): Információtechnológiai projektek másképpen, HADMÉRNÖK 10:(1) pp. 224-233.
[4] Henczi, L., Murvai, L. (2012): Projekttervezés és projektmenedzsment, Saldo Kiadó, Budapest. pp. 1-184.
[5] Verzuh, E. (2006): Projektmenedzsment, HVG könyvek, Budapest. pp. 1-424
[6] Dennis, L. (2007) Project Management (9th ed.) Gower Publishing, Ltd.. pp. 1-545.
[7] Eszenyiné, B. M. (2014): Projektmenedzsment a könyvtárban, Debreceni Egyetemi Kiadó. pp. 1-95
[8] Daróczi, M. (2011): Projektmenedzsment, Szent István Egyetem, pp. 1-152.
[9] Csiszárik-Kocsir, Á. (2018): Vállalkozások pénzügyei, Óbudai Egyetem, Budapest. pp. 1-192
[10] Bucsy L. (1976): Az innovációk rendszere és a vállalati fejlődés. Közgazdasági és Jogi K Budapest. pp. 31-41.
[11] Á. Csiszárik - Kocsir, J. Varga, Crisis (2017): Project - Risk: According to the Opinions of Hungarian SMES, Project Management Development - Practice and Perspectives: Sixth International Scientific Conference on Project Management in the Baltic Countries. pp. 60-70.
[12] Project Management Institute (2013): A Guide to the Project Management Body of Knowledge (PMBOK® Guide), 5th Edition, pp. 1-589.
[13] Project Management Institute (2017): A Guide to the Project Management Body of Knowledge (PMBOK® Guide), 6th Edition, pp. 1-573.
[14] Standish Group International Inc. (1994): CHAOS MANIFESTO. https://www.standishgroup.com/sample_research_files/chaos_report_1994.pdf (Downloaded: 20/11/2018)
[15] Standish Group International Inc. (2013): CHAOS MANIFESTO. http://www.versionone.com/assets/img/files/CHAOSManifesto2013.pdf (Downloaded: 21/11/2018)
[16] Standish Group International Inc. (2014): CHAOS MANIFESTO. https://www.projectsmart.co.uk/white-papers/chaos-report.pdf (Downloaded: 22/11/2018)
[17] Eveleens J. L., Verhoef, C. (2010): The Rise and Fall of the Chaos Report Figures. IEEE Software. Vol. 27. No.1. pp. 30-36.
[18] Deák, Cs. (2005): Projekt menedzsment képességek szervezeti szintű fejlesztése, ,,Tudásalapú társadalom Tudásteremtés - Tudástranszfer Értékrendváltás.” V. Nemzetközi konferencia, Miskolci Egyetem Gazdaságtudományi Kar. II. köt. Miskolc-Lillafüred 2005. május 11-12. pp. 80-86
[19] Veress G. szerk. (1999): A minőségügy alapjai, Műszaki Könyvkiadó, Budapest. pp. 1-281
[20] Veress, G., Birher, N., Nyilas, M. (2005): A minőségbiztosítás filozófiája. JEL Könyvkiadó, Budapest. pp. 1-281
[21] T. Szádeczky (2015): Information Security Law and Strategy in Hungary, Academic and Applied Research in Public Management Science 14:(4). pp. 281-289.
[22] Z Rajnai, B. Puskas (2015): Requirements of the Installation of the Critical Informational Infrastructure and its Management, Interdisciplinary Description of Complex Systems 13: (1) pp. 48-56.
[23] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance). http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN (Downloaded: 17/11/2018)
[24] State and Local Government Bodies Act L of 2013 on the Security of Electronic Information Systems. Hungarian Gazette No. 68 of 2013 pp. 50241-50255.
[25] 41/2015. (VII. 15.) BM on the requirements for technological security as well as the requirements for safe information tools, products, safety class and security classification as defined in Act L of 2013 on Electronic Information Security of State and Local Government Bodies, Hungarian Gazette 2015 # 103. pp. 17700-17751.
[26] 26/2013. (X. 21.) KIM Decree on the security of the management and electronic information system specified in the Act on the Electronic Information Security of State and Local Government Bodies, Magyar Közlöny 2013, No. 173. pp. 74208-74212.
[27] Zs. Szabó (2017): Cybersecurity issues of pension payments. In: Szakál Anikó (szerk.). IEEE 15th International Symposium on Intelligent Systems and Informatics: SISY 2017. Subotica, Serbia. 2017.09.14-2017.09.16. New York: IEEE. pp. 289-292.
[28] Zsolt, Sz. (2018): Cybersecurity issues in industrial control systems. Anikó, Szakál (szerk.) IEEE 16th International Symposium on Intelligent Systems and Informatics: SISY 2018. Budapest, Magyarország: IEEE Hungary Section, 2018. pp. 231-234.
[29] Szabó, Zs. M. (2018): Célzott támadás a közigazgatási szektor ellen. Deák, Veronika (szerk.) Célzott kibertámadások: Éves továbbképzés az elektronikus információs rendszer biztonságáért felelős személy számára 2018. BUDAPEST: Nemzeti Közszolgálati Egyetem. pp. 156-167. http://m.ludita.uni-nke.hu/repozitorium/handle/11410/11181?fbclid=IwAR1WcvyF1eD9K-u0HkKUmzmGrRwtA1etfwoAiqAPloG77HzPZQReKtSA4V8 (Downloaded: 21/11/2018)
Published
2019-06-12
Section
Safety Science (Biztonságtudomány)