CFP last date
20 January 2025
Reseach Article

Significance of Information Security Awareness in the Higher Education Sector

by Hong Chan, Sameera Mubarak
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 60 - Number 10
Year of Publication: 2012
Authors: Hong Chan, Sameera Mubarak
10.5120/9729-4202

Hong Chan, Sameera Mubarak . Significance of Information Security Awareness in the Higher Education Sector. International Journal of Computer Applications. 60, 10 ( December 2012), 23-31. DOI=10.5120/9729-4202

@article{ 10.5120/9729-4202,
author = { Hong Chan, Sameera Mubarak },
title = { Significance of Information Security Awareness in the Higher Education Sector },
journal = { International Journal of Computer Applications },
issue_date = { December 2012 },
volume = { 60 },
number = { 10 },
month = { December },
year = { 2012 },
issn = { 0975-8887 },
pages = { 23-31 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume60/number10/9729-4202/ },
doi = { 10.5120/9729-4202 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:06:13.105154+05:30
%A Hong Chan
%A Sameera Mubarak
%T Significance of Information Security Awareness in the Higher Education Sector
%J International Journal of Computer Applications
%@ 0975-8887
%V 60
%N 10
%P 23-31
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Information security awareness is an important contributing factor for a successful information security plan and should be properly assessed in order to suggest improvements. This explorative study directly investigated and assessed the employee information security awareness levels within a South Australian Higher Education Institution for the purpose of providing much needed insight into the extent of information awareness levels in Australian organizations. Using an online questionnaire, the study revealed that the organization's employee information security awareness were generally lacking. The study also identified several problem areas which had plenty of room for improvements, thus paving the way for further research into how information security awareness levels can be improved. It is recommended that the organization include information security awareness as part of its overall risk assessment strategies in order to mitigate such risks. Finally, the adoption of programs which will enhance security awareness should also be explored in order to foster an organizational culture of security compliance, thereby minimizing any information security risks.

References
  1. von Solms, R 1998, 'Information Security Management (1): Why Information Security is so Important', Information Management & Computer Security, vol. 6, no. 4, pp. 174-177.
  2. Cervone, F 2005, 'Understanding The Big Picture So You Can Plan For Network Security', Computers in Libraries, vol. 25, no. 3, pp. 10- 15.
  3. Thompson, STC 2006, 'Helping the Hacker? Library Information, Security, and Social Engineering', Information Technology & Libraries, vol. 25, no. 4, pp. 222-225.
  4. Cervone, F 2005, 'Understanding The Big Picture So You Can Plan For Network Security', Computers in Libraries, vol. 25, no. 3, pp. 10- 15.
  5. Dzazali, S, Sulaiman, A & Zolait, AH 2009, 'Information security landscape and maturity level: Case study of Malaysian Public Service (MPS) organizations', Government Information Quarterly, vol. 24, no. 4, pp. 584-593.
  6. Siponen, M & Vance, A 2010, 'Neutralization: New Insights Into The Problem Of Employee Information Systems Security Policy Violations', MIS Quarterly, vol. 34, no. 3, pp. 487-A12.
  7. Spears, JL & Barki, H 2010, 'User Participation in Information Systems Security Risk Management', MIS Quarterly, vol. 34, no. 3, pp. 503-A5.
  8. McFadzean, E, Ezingeard, J & Birchall, D 2007, 'Perception of risk and the strategic impact of existing IT on information security strategy at board level', Online Information Review, vol. 31, no. 5, pp. 622-660.
  9. Knapp, KJ, Marshall, TE, Rainer, RK, & Ford, FN 2006, 'Information security: management's effect on culture and policy', Information Management & Computer Security, vol. 14, no. 1, pp. 24-36.
  10. Mouratidis, H, Jahankhani, H & Nikhoma, MZ 2008, 'Management versus security specialists: an empirical study on security related perceptions', Information Management & Computer Security, vol. 16, no. 2, pp. 187-205.
  11. Hagen, JM, Albrechtsen, E & Hovden, J 2008, 'Implementation and effectiveness of organizational information security measures', Information Management & Computer Security, vol. 16, no. 4, pp. 377-397.
  12. Doherty, NF, Anastasakis, L & Fulford, H 2009, 'The information security policy unpacked: A critical study of the content of university policies', International Journal of Information Management, vol. 29, no. 6, pp. 449-457.
  13. Bulgurcu, B, Cavusoglu, H & Benbasat, I 2010, 'Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness', MIS Quarterly, vol. 34, no. 3, pp. 523-A7.
  14. Kruger, H, Drevin, L & Steyn, T 2010, 'A vocabulary test to assess information security awareness,' Information Management & Computer Security, vol. 18, no. 5, pp. 316-327.
  15. Lane, T 2007, 'Information Security Management in Australian Universities – An Exploratory Analysis', Faculty of Information Technology Master thesis, Queensland University of Technology.
  16. Yeo, AC, Rahim, M & Miri L 2007, 'Understanding Factors Affecting Success of Information Security Risk Assessment: The Case of an Australian Higher Educational Institution', in Proceedings of the Pacific Asia Conference on Information Systems 2007, Auckland.
  17. Laaksonen, E & Niemimaa M 2011, 'Information Security Policies, a Frames of Reference Perspective', Department of Computer Science Master thesis, Lulea University of Technology.
  18. De Haes, S, Van Grembergen, W 2009, 'An Exploratory study into IT Governance Implementations and its Impact on Business/IT Alignment', Information Systems Management, vol. 26, no. 2, pp. 123-137.
  19. Boritz, JE 2005, 'IS Practitioners' Views on Core Concepts of Information Integrity', International Journal of Accounting Information Systems, vol. 6, no. 4, pp. 260-279.
  20. Whitman, ME & Mattord HJ 2005, Principles of Information Security, 2nd edn, Thompson Course Technology, Australia.
Index Terms

Computer Science
Information Sciences

Keywords

Information Security Information Security Awareness Information Assurance Information Management