A Study on User Perceptions of ICT Security

The human risk factor is a decisive factor in information security but has still not been fully integrated into information security programs and risk management approaches. Based by this lack of integration, we have designed a study on user attitudes to information security issues in Austrian companies. The survey that has been carried out within this study is based on extensive literature research on risk, behavior and trust models. The analysis of the results comprises the identification and confirmation of user perceptions and trustworthiness factors. Building upon the survey results, we propose a set of significant indicators that can help to identify ICT-related misuse and fraudulent behavior as a situation awareness instrument. Keywords— information security; user perceptions; attitude; human risk factor; work satisfaction; compliance.