fullrecord |
[{"key": "dc.contributor.advisor", "value": "Siponen, Mikko", "language": "", "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "Kastepohja, Janne", "language": "", "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2020-07-15T05:40:57Z", "language": null, "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2020-07-15T05:40:57Z", "language": null, "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2020", "language": "", "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/71175", "language": null, "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Organisaatioiden tietoturvaa ja kyberturvallisuutta kohtaan kohdistuu k\u00e4ytt\u00e4jien kautta tai toimesta vakavia uhkia, jotka voivat ilmet\u00e4 organisaatioiden sis\u00e4- tai ulkopuolelta. Yksin tietoturvaohjeilla ei kyet\u00e4 vastaamaan uusien hy\u00f6kk\u00e4ysmetodien ja -ty\u00f6kalujen kehitysnopeuteen, eik\u00e4 inhimillisiin virheisiin. P\u00e4\u00e4telaitteiden sek\u00e4 tietoverkkojen ja -j\u00e4rjestelmien k\u00e4ytt\u00e4j\u00e4t kohtaavat jatkuvasti valintatilanteita, joissa organisaation kyberturvallisuuden vaarantuminen on mahdollista. K\u00e4ytt\u00e4jien kautta toteutuvaan uhkaan vastaaminen ja organisaation kyberturvallisuuden kehitt\u00e4minen on mahdollista muun muassa vaalimalla kyberturvallisuuskulttuuria. Vahva kyberturvallisuuskulttuuri tarkoittaa koko organisaation sitouttamista yll\u00e4pit\u00e4m\u00e4\u00e4n ja kehitt\u00e4m\u00e4\u00e4n kyberturvallisuutta. Kyberturvallisuuskulttuuri ei rajoitu organisaation sis\u00e4lle kuten tietoturva- ja turvallisuuskulttuurit, vaan ulottuu el\u00e4m\u00e4n kaikille osa-alueille. Kyberturvallisuuskulttuurin kannalta on olennaista tunnistaa mitk\u00e4 tekij\u00e4t, esimerkiksi erilaiset kulttuurit ja toimintamallit, vaikuttavat organisaatioon, sen toimintaymp\u00e4rist\u00f6\u00f6n, toimintaan ja henkil\u00f6st\u00f6\u00f6n. T\u00e4h\u00e4n ongelmaan vastattiin t\u00e4ss\u00e4 tutkimuksessa analysoimalla aiempien tutkimusten tulosten ja haastattelemalla ohjelmistoyritys Reaktorilla henkil\u00f6st\u00f6\u00e4, jotta pystyttiin tunnistamaan Reaktorin kyberturvallisuuskulttuurin muodostumiseen vaikuttavia tekij\u00f6it\u00e4. Holistisen ja syv\u00e4llisen tarkastelun takaamiseksi tutkimusmenetelm\u00e4ksi valittiin fenomenografia, jossa ilmi\u00f6t\u00e4 kuvataan yksil\u00f6iden kokemusten ja n\u00e4kemysten kautta. Henkil\u00f6st\u00f6n tapa n\u00e4hd\u00e4 ja kokea organisaationsa kyberturvallisuuskulttuuri on itse ilmi\u00f6n tutkimista olennaisempaa, koska yksil\u00f6 kokee kulttuurin aina subjektiivisesti. Tutkimuksessa haastateltujen Reaktorin henkil\u00f6st\u00f6n k\u00e4sitysten perusteella yrityksess\u00e4 on yhten\u00e4inen ja vahva kyberturvallisuuskulttuuri. Se perustuu luottamukseen, hajautettuun p\u00e4\u00e4t\u00f6ksentekoon, toisten auttamiseen, jatkuvaan oppimiseen ja sosiaalisiin verkostoihin. Yrityksess\u00e4 kyberturvallisuus n\u00e4hd\u00e4\u00e4n luonnollisena osana kaikkea liiketoimintaa ja ratkaisuja, mink\u00e4 vuoksi organisaatiokulttuurin rooli kyberturvallisuuskulttuurissa on keskeinen. Reaktorin organisaatiokulttuuri tukee luonnostaan vahvaa kyberturvallisuuskulttuuria, koska organisaatiokulttuuri tukee vuorovaikutusta, avoimuutta, kehitt\u00e4mist\u00e4 ja tiedon jakamista. Organisaation keskeisimm\u00e4t toimijat my\u00f6s kyberturvallisuuden yll\u00e4pidossa ovat itseohjautuvat yksil\u00f6t ja tiimit, jotka ottavat kyberturvallisuuden huomioon yhten\u00e4 osana teknisi\u00e4 ratkaisuja ja toimintaa. Yrityksen kyberturvallisuuskulttuurissa turvallisuusratkaisut r\u00e4\u00e4t\u00e4l\u00f6id\u00e4\u00e4n tapauskohtaisesti kontekstin, k\u00e4ytett\u00e4vyyden ja asiakkaan tarpeiden mukaan.", "language": "fi", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Malicious actions and anomalies, which manifest by or via users, are a serious and constant threat to companies\u2019 information and cyber security. These threats can manifest from inside or outside of the company. Information security policies fail to respond to the pace of new attack methods and tools as well as to human errors in general. Users of end-point devices as well as computer networks and systems face constantly situations, where company\u2019s cyber security may be compromised. As an answer to these threats, researchers have proposed creating and fostering cyber security culture as a solution. A functioning cyber security culture demands efforts from the whole organization to maintain and develop cyber security. Cyber security culture is affected by organizational structures and culture, nature of company\u2019s business and national and individual level cyber security cultures. Unlike security and information security cultures, cyber security culture is not limited just within the company, but it touches all aspects of life and users may have many different roles in it. In order to foster a robust cyber security culture, it is essential to identify the context in which such culture operates. This means the wide variety of factors affecting to the company, business, and the company\u2019s employees. The formation of the views and capabilities of an individual to maintain cyber security are affected for example by multiple levels of culture, individual know-how and experiences. Culture is a concept, which is seen subjectively by an individual. A company\u2019s cyber security culture therefore consists of and is informed by the mindsets of the employees: how employees see and experience the cyber security culture of the company. Qualitative research offers a robust methodological approach to explore and understand such indepth and complex concepts as culture. In addition to analyzing findings of previous research, this research used qualitative interviews to analyze the expressions and mindsets of employees of Finnish software and consulting low hierarchy company Reaktor as a case study of maintaining high-level and successful cyber security culture at a company level. To analyze the phenomenon through expressions and mindset of individuals, phenomenography was chosen as a research method. The findings indicate that Reaktor fosters a robust cyber security culture, which is based on trust, decentralized decision making, helping others, constant development, and social networks within the company. Continuous learning of the company and employees is seen as a requirement for maintaining the cyber security culture. The research found that the most essential actors of the company in fostering cyber security culture are self-controlled individuals and teams, who consider cyber security aspects as a natural part of technical \nsolutions and all activity. All security solutions within Reaktor\u2019s cyber security culture are based on context, usability, and client\u2019s needs. Cyber security is seen as an integral part of all business activity, which makes organizational culture a crucial component of the company\u2019s cyber security culture.", "language": "en", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by Paivi Vuorio (paelvuor@jyu.fi) on 2020-07-15T05:40:42Z\nNo. of bitstreams: 0", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2020-07-15T05:40:57Z (GMT). No. of bitstreams: 0\n Previous issue date: 2020", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "111", "language": "", "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.format.mimetype", "value": "application/pdf", "language": null, "element": "format", "qualifier": "mimetype", "schema": "dc"}, {"key": "dc.language.iso", "value": "fin", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.subject.other", "value": "kyberturvallisuuskulttuuri", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.title", "value": "Kyberturvallisuuskulttuuri : ohjelmistoyritys Reaktorin ratkaisuja henkil\u00f6st\u00f6n kautta kohdistuvien kyberuhkien v\u00e4hent\u00e4miseksi", "language": "", "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "master thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-202007155332", "language": "", "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Pro gradu -tutkielma", "language": "fi", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Master\u2019s thesis", "language": "en", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Informaatioteknologia", "language": "fi", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Information Technology", "language": "en", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Tietojenk\u00e4sittelytiede", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Computer Science", "language": "en", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "yvv.contractresearch.collaborator", "value": "business", "language": "", "element": "contractresearch", "qualifier": "collaborator", "schema": "yvv"}, {"key": "yvv.contractresearch.funding", "value": "0", "language": "", "element": "contractresearch", "qualifier": "funding", "schema": "yvv"}, {"key": "yvv.contractresearch.initiative", "value": "student", "language": "", "element": "contractresearch", "qualifier": "initiative", "schema": "yvv"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_bdcc", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "openAccess", "language": null, "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "masterThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.subject.oppiainekoodi", "value": "601", "language": "", "element": "subject", "qualifier": "oppiainekoodi", "schema": "dc"}, {"key": "dc.subject.yso", "value": "kansallinen kulttuuri", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "organisaatiokulttuuri", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "kyberturvallisuus", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.format.content", "value": "fulltext", "language": null, "element": "format", "qualifier": "content", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}, {"key": "dc.type.okm", "value": "G2", "language": null, "element": "type", "qualifier": "okm", "schema": "dc"}]
|