Reply to this article.

Educational Aspect of Security Information system security education has continued to be a challenging endeavor due to computer users not being motivated to learn how to maintain security and/or lack the knowledge to understand threats to security (Jakobsson & Ramzan, 2008).

Users also have different levels of security knowledge, requiring education to be adapted to the audience. Individuals are more likely to understand and adopt security practices if taught on his or her level, otherwise the information is neither understood nor utilized. Likewise, if the education is intended for IT personnel and the approach is too basic, the personnel will be prone to ignore the information all together (Johnson, 2015).

It is also important to have experienced instructors to gauge the audience and adjust where appropriate, and not hinder the training. This is true with all teachers and instructors; inexperience can negatively affect the audience, due to the educator's higher expectation of knowledge. "Not many of you should become teachers, my brothers, for you know that we who teach will be judged with greater strictness" (James 3:1).

Traditional educational approaches do not usually accommodate different ways of learning. Everyone learns in various ways which suggests the need for diverse approaches. The security training approach should also be tailored based on job level, level of awareness, and technical skill level (Johnson, 2015).

Failure to explain reasons for specific security policies creates another issue typically encountered with traditional educational approaches. The goal of education is to develop user awareness and skills that promote information system security, therefore varied approaches would benefit an organization immensely.

Research-driven content selection, accessibility, immersion, and adaptability are the core principles for effective security education. By utilizing these principles when delivering security training, organizations will increase user compliance with security policy (Jakobsson & Ramzan, 2008).

By mending the issues with information system security education, the health of organizational security will grow stronger. "Behold, I will bring to it health and healing, and I will heal them and reveal to them abundance of prosperity and security" (Jeremiah 33:6).

God provides us with so much, including security, but we must allow God to be part of our lives each and every day for this to be possible. Likewise, we must demonstrate security practices each day to establish information system security in our organizations. References Jakobsson, M., & Ramzan, Z. (2008).

Crimeware: Understanding new attacks and defenses. Boston, MA: Addison-Wesley Longman, Inc. Johnson, R. (2015). Security policies and implementation issues. (2nd ed.). Burlington, MA: Jones and Bartlett Learning