Research Student Profile

Home People Profile...

Mrs Manal Alohali

Research Student

Brief biographical information

Information Security Risk Assessment for The General Public

Managing and assessing information security risks is a well understood and accepted approach used widely by enterprise organizations to provide a safe environment to carry out their business. It is usually expensive, time consuming and completed by experts and professional risk assessors. In the literature, there are many risk analysis tools, methodologies and techniques that are tailored for large organizations but little focus has been given to end-users or members of the public. Given the rapid growth of technology and the wide range of 24/7 e-services provided by different devices such as laptops, smartphones, smart TVs, game consoles and wearable technology, the number of users is growing every day. The availability, and to some extent the ease of use of these technologies and services makes it increasingly more appealing to users who range from novices to technology-savvy users. Users can store, access and process all kinds of information such as business, personal, financial and medical data on a range of devices and infrastructure where each device has its own security requirements. Users, who are solely responsible for their devices, data and for making their own security decisions, are arguably not aware of the different security risks associated with the use of such devices. It is found that users are less willing to perform money-related and sensitive data tasks on some of these devices such as smartphones due to issues related to security, privacy, trust and usability. Furthermore, users have difficulties in using, understanding and reacting to security-related threats.. Traditional risk assessment methods either treat these devices as a business information system asset or as a single entity where vulnerability and threat assessment is made on the asset as a whole rather than the services that are used within the device. By focusing on the user not the device, increased security awareness through understanding risk will improve security behaviour and lead to reduced security risks.

Mrs Manal Alohali

Director of studies: Prof. Nathan L Clarke
Other supervisors: Prof. Steven M Furnell

Conference papers

Information Security Behavior: Recognizing The Influencers
Alohali M, Clarke NL, Furnell SM
Proceedings of The SAI Computing Conference 2017, 2017
More details

1 Conference papers

1 publication(s) - all categories.