Determinants of information security awareness and behaviour strategies in public sector organizations among employees

S.M.M Yassin, S.M.Warusia Mohamed and Al Shanfari, Issam Shaaban Malqout Moshaded and Tabook, Nasser and Ismail, Roesnita and Ismail, Anuar (2022) Determinants of information security awareness and behaviour strategies in public sector organizations among employees. (IJACSA) International Journal of Advanced Computer Science and Applications, 13 (8). pp. 479-490. ISSN 2158-107X

[img] Text
PAPER_55-DETERMINANTS_OF_INFORMATION_SECURITY_AWARENESS.PDF

Download (756kB)

Abstract

In this digital era, protecting an organisation's sensitive information system assets against cyberattacks is challenging. Globally, organisations spend heavily on information security (InfoSec) technological countermeasures. Public and private sectors often fail to secure their information assets because they depend primarily on technical solutions. Human components create the bulk of cybersecurity incidents directly or indirectly, causing many organisational information security breaches. Employees' information security awareness (ISA) is crucial to preventing poor information security behaviours. Until recently, there was little combined information on how to improve ISA and how investigated factors influencing employees' ISA levels were. This paper proposed a comprehensive theoretical model based on the Protection Motivation Theory, the Theory of Planned Behaviour, the General Deterrence Theory, and Facilitating Conditions for assessing public sector employees' ISA intentions for information security behaviour. Using a survey and the structural equation modelling (SEM) method, this research reveals that the utilised factors are positively associated with actual information security behaviour adoption, except for perceived sanction certainty. The findings suggest that the three theories and facilitating conditions provide the most influential theoretical framework for explaining public sector employees' information security adoption behaviour. These findings support previous empirical research on why employees' information on security behaviours vary. Consistent with earlier research, these psychological factors are just as critical as facilitating conditions in ensuring more significant behavioural intention to engage in ISA activities, ensuring information security behaviour. The study recommends that public-sector organisations invest in their employees' applied information security training.

Item Type: Article
Uncontrolled Keywords: Information security awareness, Behaviour strategies, Self-administered questionnaire, Structural equation modelling (SEM)
Divisions: Faculty of Information and Communication Technology
Depositing User: mr eiisaa ahyead
Date Deposited: 10 Feb 2023 15:17
Last Modified: 10 Feb 2023 15:17
URI: http://eprints.utem.edu.my/id/eprint/26189
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item