The ICT system's users can significantly affect overall security level of the system, but problem is that most security solutions do not take into consideration user as possible critical security component of the system. In this work assessment methodology is proposed to evaluate users' awareness regarding security issues. For purpose of collecting data on ICT system user's awareness special questionnaire was developed based on previously defined ontology domain regarding e-mail users' behavior. The cluster analysis method was applied in order to group users into categories regarding level of their awareness about security issues. Cluster analysis gave six clusters of users on which Chi-square analysis was applied in order to detect potential relationship between level of awareness and gender, age, professional qualification and number of e-mail addresses used. The variables used to predict group membership were identified by applying discriminant analysis. The evaluation and categorization of users' awareness should help in developing new concepts of security solutions with taking into consideration user as component of the ICT system.
[1]
Stefan Fenz,et al.
Formalizing information security knowledge
,
2009,
ASIACCS '09.
[2]
M. Sarstedt,et al.
A Concise Guide to Market Research
,
2019,
Springer Texts in Business and Economics.
[3]
Eric R. Ziegel,et al.
Applied Multivariate Data Analysis
,
2002,
Technometrics.
[4]
Marin Golub,et al.
Using Trust on the Internet
,
2008
.
[5]
Aleksandar Klaic,et al.
Methods and tools for the development of information security policy — A comparative literature review
,
2011,
2011 Proceedings of the 34th International Convention MIPRO.
[6]
Stephen J. Lukasik.
Protecting users of the cyber commons
,
2011,
CACM.
[7]
Kresimir Solic,et al.
Possible decrease of spam in the email communication
,
2011,
2011 Proceedings of the 34th International Convention MIPRO.