Main Article Content
Act 50 of 2013 has served as a new and large scale impetus for both public bodies and local governments regarding information security in Hungary. This naturally means an increased need for professionals on the field. The National University of Public Services has become an institution that may very well be capable of training the required number of professionals. The aforementioned act has been amended by an implementing regulation (no. 41/2015) and as a result the system as a whole has changed regarding information security.3 This paper aims to highlight any problems that shall be addressed and solved as quickly and swiftly as possible. Basic skills and areas that shall be improved will also be in focus as well as processes that are vital in order to realize the actual situation of information security. Without the possibility to continuously determine the actual situation and without the means to assess such situation, the probability of deterring from the right path increases. Further challenges that this area has to face actually originate from situation assessment and the determination of the “correct” path. The theoretical model (to be presented), developed during the previous years, provides quick and swift possibilities to intervene in such areas if need be. The model guarantees a way to give feedback and is able to set up a communication channel that may be used to support the whole structure on the long run in a cost efficient manner. It is capable to provide feedback from numerous areas of the system while maintaining its structure and applying clarity or additional precision where necessary. Its real advantage is that the whole system (of institutions and/or public bodies) may use it as a single institution or body would not be able to realize or develop the model in its entirety.
How to Cite
information security, CISO education, information security measurement, password awareness survey