Information Security Awareness: Comparing perceptions and training preferences

Use of the Internet has become our second nature. With each passing day computers and mobile devices are becoming ubiquitous in our society. In this backdrop the confidentiality of information is now a question of paramount importance. It is understood fact now that merely technical security solutions cannot guarantee security. End users are required to have solid understanding of the security issues. This study is carried out to compare and understand the perceived Information Technology (IT) and Information Security knowledge level of Information and Communication Technologies (ICT) users of two countries, Pakistan and Finland. The respondents are university students belonging to different age groups and with different educational background. Perception of respondents regarding Information Security Awareness (ISA) has been compared and no significant difference has been found. There is visible difference among information sharing habits in both groups of respondents. In both cases, respondents turn to similar sources for information security knowledge, however, there is difference in order of preference. Preferences toward Information Security related trainings are also same but with difference in order.

[1]  Rossouw von Solms,et al.  Information security awareness: educating your users effectively , 1998, Inf. Manag. Comput. Secur..

[2]  David C. Yen,et al.  Awareness and challenges of Internet security , 2000, Inf. Manag. Comput. Secur..

[3]  Steven Furnell,et al.  Security beliefs and barriers for novice Internet users , 2008, Comput. Secur..

[4]  Elmarie Kritzinger,et al.  Information security management: An information security retrieval and awareness model for industry , 2008, Comput. Secur..

[5]  J. R. Scotti,et al.  Available From , 1973 .

[6]  Matt Bishop,et al.  Academia and Education in Information Security: Four Years Later , 2000 .

[7]  Rossouw von Solms Information security management (3): the Code of Practice for Information Security Management (BS 7799) , 1998, Inf. Manag. Comput. Secur..

[8]  R. Kent Secrets and lies. , 2007, Nursing Standard.

[9]  Cynthia E. Irvine,et al.  A video game for cyber security training and awareness , 2007, Comput. Secur..

[10]  F. P. Bresz People – Often the Weakest Link in Security, but One of the Best Places to Start , 2004 .

[11]  Charles Cresson Wood,et al.  Information Security Awareness Raising Methods , 1995 .

[12]  Stephen Flowerday,et al.  Information security competence test with regards to password management , 2011, 2011 Information Security for South Africa.

[13]  Jan H. P. Eloff,et al.  A framework and assessment instrument for information security culture , 2010, Comput. Secur..

[14]  Phil Spurling,et al.  Promoting security awareness and commitment , 1995, Inf. Manag. Comput. Secur..

[15]  Ed Crowley Information system security curricula development , 2003, CITC4 '03.

[16]  Steven Furnell,et al.  An Analysis of Information Security Awareness within Home and Work Environments , 2010, 2010 International Conference on Availability, Reliability and Security.

[17]  Van Niekerk,et al.  Establishing an information security culture in organizations : an outcomes based education approach , 2005 .