Royal Holloway University of London

Analyse the Cause and Impact of the Human Factor on Information Security and Propose a Comprehensive Information Security Awareness Initiative for the Indian Software Industry.

People are the weakest link in security. Despite the advances in technology, information security breaches continue to occur due to human behaviour. A lack of awareness among the employees of the security policies and procedures has been a cause for most of the incidents. A National Association of Software and Services Companies (NASSCOM - is a not-for-profit organization, registered under the Indian Societies Act, 1860.) report states that 'Human error was responsible for nearly 60 percent of information security breaches experienced by organizations over the last year'. The behaviour of the employees and the controls the organizations put in place to educate and train the employees of the security policies and procedures in place have always been a concern to me when i was working as a software developer in India. That concern is what that has made me take up this project to propose a generic security awareness initiative, which would stand as a base line for the different software organizations wanting to implement an awareness program for its employees.