Descriptive Finding Regarding Factors Influencing Information Security Vulnerability: A Case Study in Electrical Company in Iran
Keywords:
Security issues, Information Security Vulnerability, Descriptive StudyAbstract
Implementing technology is important to enhance the enterprise information transaction but it is
impossible to secure it without organizational and human supports. Information security is about
confidentiality, integrity and availability of the data and due to complexity of human resources the
users have always exposed the information security to the internal threat. This paper presents a
descriptive result regarding the human factors of information security vulnerability in one electrical
enterprise in Iran. The result is presented based on the continuation of the previous review work. The
descriptive analysis was performed on twenty participants’ response over qualitative investigation.
Based on the descriptive scoring result, training, risk communication and emotional control are found
to be the most significant factors influencing information security vulnerability. Surprisingly security
culture and staff experience were not significantly influential in this study. In regard to future works,
an in-depth thematic analysis will be performed in order to have an overall perspective regarding the
factors of concern
