Abstract:

In order to achieve effective results when creating an information security awareness and education programme the design must be focused on a specific target group. The reason for this is that the various groups might differ with respect to the risks they are exposed to and the type of security information to be presented. The preference for receiving information might also differ from one user group to the next. In general, the design of a security awareness programme might differ from one user group to the next. Yet most awareness programmes today focus on the home user in general rather than on specific types of home users. This research focuses specifically on home users segmented according to age due to the limited amount of attention that is paid to the categories.

The study is aimed at improving security awareness among home users segmented according to age and culminates in the development of an information security awareness and education framework. The proposed framework attempts to simplify the process of designing an information security and awareness programme by providing a set of guidelines to the designer that will help him/her to establish who should be receiving what information and the manner in which this information should be received – how the information should be received. It also identifies other design factors that should be considered when creating an information security awareness and education programme.

The author believes that the information security awareness and education programme that is designed when using the step-by-step guide presented in this framework is more likely to attract the attention of the specific user that it is designed for. The reason for this is that the programme will be more relevant to each age group. In this way, security awareness among home users will be enhanced.