Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

Determinants of Information Security Awareness and Behaviour Strategies in Public Sector Organizations among Employees

Author 1: Al-Shanfari I
Author 2: Warusia Yassin
Author 3: Nasser Tabook
Author 4: Roesnita Ismail
Author 5: Anuar Ismail

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2022.0130855

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 13 Issue 8, 2022.

Abstract: In this digital era, protecting an organisation's sensitive information system assets against cyberattacks is challenging. Globally, organisations spend heavily on information security (InfoSec) technological countermeasures. Public and private sectors often fail to secure their information assets because they depend primarily on technical solutions. Human components create the bulk of cybersecurity incidents directly or indirectly, causing many organisational information security breaches. Employees' information security awareness (ISA) is crucial to preventing poor information security behaviours. Until recently, there was little combined information on how to improve ISA and how investigated factors influencing employees' ISA levels were. This paper proposed a comprehensive theoretical model based on the Protection Motivation Theory, the Theory of Planned Behaviour, the General Deterrence Theory, and Facilitating Conditions for assessing public sector employees' ISA intentions for information security behaviour. Using a survey and the structural equation modelling (SEM) method, this research reveals that the utilised factors are positively associated with actual information security behaviour adoption, except for perceived sanction certainty. The findings suggest that the three theories and facilitating conditions provide the most influential theoretical framework for explaining public sector employees' information security adoption behaviour. These findings support previous empirical research on why employees' information on security behaviours vary. Consistent with earlier research, these psychological factors are just as critical as facilitating conditions in ensuring more significant behavioural intention to engage in ISA activities, ensuring information security behaviour. The study recommends that public-sector organisations invest in their employees' applied information security training.

Keywords: Information security awareness; behaviour strategies; self-administered questionnaire; structural equation modelling (SEM)

Al-Shanfari I, Warusia Yassin, Nasser Tabook, Roesnita Ismail and Anuar Ismail, “Determinants of Information Security Awareness and Behaviour Strategies in Public Sector Organizations among Employees” International Journal of Advanced Computer Science and Applications(IJACSA), 13(8), 2022. http://dx.doi.org/10.14569/IJACSA.2022.0130855

@article{I2022,
title = {Determinants of Information Security Awareness and Behaviour Strategies in Public Sector Organizations among Employees},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2022.0130855},
url = {http://dx.doi.org/10.14569/IJACSA.2022.0130855},
year = {2022},
publisher = {The Science and Information Organization},
volume = {13},
number = {8},
author = {Al-Shanfari I and Warusia Yassin and Nasser Tabook and Roesnita Ismail and Anuar Ismail}
}

IJACSA

Upcoming Conferences

Future of Information and Communication Conference (FICC) 2023

2-3 March 2023

Computing Conference 2023

13-14 July 2023

IntelliSys 2022

1-2 September 2022

Future Technologies Conference (FTC) 2022

20-21 October 2022