The Level of Information Security Awareness among Academic Staff in IHL (original) (raw)
Related papers
2011
As the 21st century approached, the current trend of technology product besides deliver the benefit on availability and accessibility on information, problem emerged regard information security. In order to analyze on how technology introduces new risks, it is necessary to discuss the technology lifecycle. Consider for instance the life cycle of technology as the diffusion of an innovation. Since technological innovations or IT solutions are being adopted to support business processes, the need to protect those IT solutions arises with its adoption. Accordingly, two important factors need much consideration in raising awareness are how organization influences significantly of end user's attitude and how the organization has the regular assessment or evaluation to measure the effectiveness of IS awareness policy inside the organization.
Impact of Training on Employee Actions and Information Security Awareness in Academic Institutions
2020
Academic institutions hold important information about students, faculty, and staff members. Hackers target academic institutions to access this information for criminal activities such as identity theft. This study was conducted to examine information confidentiality and cybersecurity in academic institutions. It targeted employees’ training after recruitment and the ongoing training employees get during their employment at the academic institution. In this research, there are three variables: action insecure (AI), action secure (AS), and employee awareness (EA). Information security is the ultimate goal of the organization and its highest priority. The participants completed an online survey to determine employees’ secure and insecure actions. The survey collected information about the everyday activities of employees in their workplaces. The study’s research questions sought to determine 1) if there is a significant difference in the number of AS the employee performs before and after the training, 2) if there is a significant difference in the number of AI the employee performs before and after the training, and 3) if there is a significant difference in EA before and after the training. The study results showed no significant change in employee awareness or secure/insecure actions after the training; however, more AS and less AI were performed by the participants in terms of raw data. The study showed that academic institutions need to hire employees with a good understanding of information security, ensure that there is a plan regarding information security, and ensure that the employee knows and understands what is confidential, what is public, and how to conduct everyday activities in the scope of information security. The researcher recommends conducting similar research that targets employees’ behavior and knowledge in information security for different industries.
Information Security Awareness in Higher Education Institutes: A Work in Progress
The demands for information security in Higher Education Institutions (HEIs) are expanding as HEIs are vulnerable because of the involvement of human factors. Hence, maintaining data privacy is paramount, where most individuals interacting with systems and applications are the main stakeholders (lecturers, students, and non-academic staff). In this regard, existing literature and security experts claim that enhancing users' Information Security Awareness (ISA) is one of the most effective protective techniques. Therefore, this study aims to propose a conceptual security awareness framework consisting of devices, application areas, and security practices and their related activities for HEIs. Moreover, five conceptual dimensions are suggested that affect users' ISA and are necessary for HEIs while measuring the ISA of their stakeholders. For investigating and understanding these issues, interviews were conducted with IT security experts working in HEIs.
The use of Information and Communication Technology to collect and process large volumes of data into information has made it possible for organisations to find ways and means of making informed decisions within a short space of time. There is so much dependent on information systems to such an extent that system failure can adversely compromise the organisation's operations. The education sector has not been left out but has instead become an information super house. The development of information systems has however not been spared by malicious activities, whether internal or external that tend to corrupt the much treasured information. (Alghananeem, Altaee and Jida, 2014)The way employees handle information flow in the organisation can either put the organisation at risk or can instead help protect the information and related information processing assets. This study was therefore aimed at assessing Information Security Awareness (ISA) among employees in higher education sector in Zambia and how such levels contribute to information security efforts in higher learning institutions. The research was conducted by use of questionnaires grouped into five sections. The questionnaire was delivered to a total number of 150 employees from University of Zambia, Copperbelt University and Mulungushi University. The participants' years of service and level of education ranged from 1 year to over 10 years, and from Certificate to PhD holders respectively. According to the findings of this research, it can be concluded that when employee self-awareness of information security, information security awareness training, Management's role in Information security awareness and information security awareness compliance monitoring improve, this is going to translate into improved Information Security (IS) in higher institutions of learning in Zambia as well. The results, in addition, also show that the higher learning institutions in Zambia do not attach the much needed support to information security awareness among its employees and there is also minimal support from top management.
Information Security Awareness among Non-Academic Staff in the University of Ibadan, Nigeria
Asian journal of computer science and technology, 2019
This study applied the established factors from the existing literatures on information security awareness to investigate information security awareness among nonacademic staff in the University of Ibadan, Nigeria. The objectives of this study are; to identify the factors that influence information security awareness and to determine the level of information security awareness among non-academic staff. This study employed a survey design. Stratified random sampling technique was utilised to select the respondents for the study. The study participants consist of non-academic staff in the University of Ibadan. A field survey of 300 respondents was carried out using questionnaire as the main instrument. Descriptive statistics was used for data analysis. Findings of this study revealed that information security awareness is significantly influenced by policy of information security, education of information security, knowledge of technology, and non-academic staff's behaviour. Furthermore, findings show that the level of information security awareness among non-academic staff in the University of Ibadan was high. Finally, findings were discussed and recommendations for the future research were also addressed.
Journal of Innovation and Business Best Practice
The purpose of this study is to evaluate the levels of knowledge, attitude, and behavior of the end-user regarding Information Systems Security Awareness (ISSA) in higher education, specifically Kuwait University (KU), and to identify the areas which require attention. Factors such as knowledge, attitude and behavior affecting human awareness were identified and the Value-Focus-Thinking was used to identify Information Systems Security (ISS) focus-areas. The six ISS Focus-Areas were obtained such as commitment to ISS policy; effective use of passwords; safe usage of Internet and e-mail; being aware of ISS threats; backing up the important files; and required updates for operating system and antivirus programs. Furthermore, a questionnaire was designed based on the human awareness factors and the ISS focus-areas. The research population included the end-users of KU colleges. The study presents useful results for decision-makers in the field of ISS, to identify recent findings regarding the level of ISSA among end-users, and in order to develop better strategies to implement the required solutions such as training programs. In addition to the organizations, this study through concentrating on ISSA may assist individuals to protect their personal data privacy during their use of computers. The study recommends few relevant actions to improve the long term levels of knowledge, attitude and behavior, with the priority for improving attitude due to its identified poor level. Regarding the KU colleges, the study recommends giving priority to improvements to the seven colleges that had poor levels of ISSA.
Information Security Awareness at the Knowledge-Based Institution: Its Antecedents and Measures
Procedia Computer Science, 2015
Information security awareness (ISA) is referred to as a state of consciousness where user ideally committed to the rules, recognize the potentiality, understand the importance of responsibilities and act accordingly. Despite the number of case occurred in information security breaches, especially at knowledge-based institution result from the reluctance of user's failure to comply with security guidelines, such effective measure should take place to anticipate the negative effect. Therefore, more attention is required to understand the roles of individual, institutional and environmental antecedent for optimization in raising the information security awareness. This paper elucidated the roles of its antecedent and measure in influencing ISA of user using survey method that contributes for better understanding by analyzing user perception. From the result, this study identified several important factor impacts to the awareness and its relationship to other factor such as religious indicator can influence peer performance but also social pressure. Thus higher education can focus the policy for encouraging them to have proper response from student and staff in avoiding security incident.
Information Security Awareness of Greek Higher Education Students -Preliminary Findings
7th International Conference on Modern Circuits and Systems Technologies (MOCAST), 2018
University students are tomorrow's executives that are expected to progress our world forward. Good Information Security Awareness (ISA) and computer ethics education are crucial for a better future world. In this article a quantitative survey with the use of questionnaires is presented, which was conducted in order to measure a combination of the respondents' knowledge and behavior as regards their ISA. Factors such as the gender, the educational level, and the study program are examined. This study is limited to IT-students of a Greek university. The results of our research have shown that educational level plays a role in ISA and computer ethics, but awareness on many aspects needs to be improved.
European Scientific Journal, ESJ, 2020
The development of Information and Communication Technologies (ICTs) is becoming very common throughout society. Therefore, it is a must to protect information assets. In addition to the technological aspect, research continues to confirm the need to enhance security awareness among employees. The objective of this study is to investigate the factors that may impact users' practice and awareness both in the workplace. Specifically, factors such as policy, behavior, training, knowledge of IT and education were tested. In addition, the second objective of this study is to investigate the information security awareness and practice level among the employees. To achieve the study objectives, a quantitative methodology was applied; specifically a survey instrument was developed to measure if each of the key factors has a significant association within the security awareness and practice in the workplace. 202 usable surveys were collected from higher education employees and analyzed using Bivariate/Pearson Correlation to determine the relationship between the independent variable and the dependent variable. The findings of the study revealed that there was a positive correlation between policy, behavior, training, knowledge of IT and education with security awareness and practice These results indicated that security awareness and practice level of employees' in the workplace at the middle level. It is hoped that the present study provides an initial step to focus on security training sessions among higher education employees to reflect new knowledge on the importance of security training to increase the knowledge of information security.
2018
Organisations throughout the world face threats to the security of their information. In most organisations these threats are thought to be a consequence of employees’ lack of knowledge of information security, security behaviours and/or understanding of the possible detriments to their organisation of not complying with their organisation’s information security policy (ISP). Therefore, empirical research is needed to explore the main threats to information security and the factors that influence how employees intend to behave in relation to information security policies. The main aims of this research were to investigate employees’ ISP compliance behaviour intentions and to explore the organisational and human factors that influence this. Consequently, this research conducted four studies to explore the views of both those responsible for information security (IT staff and system administrators) and non-security employees from a range of higher education institutions in the Sultana...