Abstract
Information security is among the most challenging problems in the contemporary highly interconnected network environment. Many past and recent studies reveal the human factor is the weakest element in the security systems. The present paper focuses on security awareness evaluation of key users regarding the information security vulnerabilities, threats and countermeasures. With purpose to develop a methodology for raising awareness of the users regarding information security challenges, an evaluation of the users’ needs of secure browsing and networking was conducted. The applied method was questionnaire with four major sections and the respondents’ results from five countries were analysed for validity and correctness. The results for the vast majority of the respondents revealed there is significant need for security training.
This research is supported under project 2019-1-BG01-KA204-062331 - Immersive Learning in Information Security (MISSILE), Erasmus+ Programme.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cronk, L., Salmon, C.: Culture’s influence on behavior: steps toward a theory. Evol. Behav. Sci. 11(1), 36–52 (2017)
Deutskens, E., de Ruyter, K., Wetzels, M., Oosterveld, P.: Response rate and response quality of internet-based surveys: an experimental study. Mark. Lett. 15(1), 21–36 (2004)
Grama, J.L.: Legal Issues in Information Security. Jones & Bartlett Learning, Burlington (2020)
https://www.forbes.com/sites/kateoflahertyuk/2018/12/19/breaking-down-five-2018-breaches-and-what-they-mean-for-security-in-2019/. Accessed 12 Jan. 2021
Furnell, S., Clarke, N.: Power to the people? The evolving recognition of human aspects of security. Comput. Secur. 31(8), 983–988 (2012)
Lynn, M.R.: Determination and quantification of content validity. Nurs. Res. 35(6), 381–385 (1986)
Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., Zwaans, T.: The human aspects of information security questionnaire (HAIS-Q): two further validation studies. Comput. Secur. 66, 40–51 (2017)
Reid, R., van Niekerk, J.: Brain-compatible, web-based information security education: a statistical study. Inf. Manage. Comput. Secur. 22(4), 371–381 (2014)
Siponen, M.: A conceptual foundation for organizational information security awareness. Inf. Manage. Comput. Secur. 8(1), 31–41 (2000)
Tessem, M., Skaraas, K.: Creating a security culture. Telektronikk 101(1), 15–22 (2005)
Van Niekerk, J., von Solms, R.: Information security culture: a management perspective. Comput. Secur. 29(4), 476–486 (2010)
Da Veiga, A., Astakhova, L.V., Botha, A., Herselman, M.: Defining organisational information security culture—perspectives from academia and industry. Comput. Secur. 92, 101713 (2020)
Wiley, A., McCormac, A., Calic, D.: More than the individual: Examining the relationship between culture and information security awareness. Comput. Secur. 88, 101640 (2020)
Acknowledgment
This paper is supported under project 2019-1-BG01-KA204-062331 - Immersive Learning in Information Security (MISSILE), Erasmus+ Programme.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Nikolova, E., Jecheva, V. (2022). Information Security Awareness Evaluation Framework and Exploratory Study. In: Arai, K. (eds) Intelligent Systems and Applications. IntelliSys 2021. Lecture Notes in Networks and Systems, vol 296. Springer, Cham. https://doi.org/10.1007/978-3-030-82199-9_50
Download citation
DOI: https://doi.org/10.1007/978-3-030-82199-9_50
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-82198-2
Online ISBN: 978-3-030-82199-9
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)