Determining the effects of information security knowledge on information security awareness via structural equation modelings

Year 2019, Volume: 48 Issue: 4, 1201 - 1212, 08.08.2019

Sinan Saraçlı , Atılgan Erdoğmuş

Abstract

The aim of this study is by investigating the Information Security Awareness of University Students via statistical techniques, revealing the existing awareness and giving some suggestions to improve this awareness. By the internet, which entered our daily life snappily, information and technology era has been started and it gave new point of view by changing our lifestyle in many areas as electronic commerce, education and government. By developing and rapidly improving technology, Individuals' having enough capacity to use it, information culture has spread over all parts of the society. By increasing the information systems and internet every day, by using private and secret information, doing both public and individual processes via these systems has increased the importance of information and information systems and resolve the information awareness as an obligatory case. It can be observed nowadays that there are many information guilt is being perpetration. Its known that related ministry in our country is taking enough security precautions both hardware and software for the information and system security and researching on new actions. However, the most important factor to pan out for the information and system security is the development of corporate and individual awareness. With this purpose, to measure the computer usage praxis and Information Security Awareness levels of Students of Afyon Kocatepe University, by using "Information Security Awareness Scale", which has developed previously the related data is obtained via a questionnaire and analyzed by SPSS and LISREL software. In this study as statistical techniques, Explanatory Factor Analysis, Confirmatory Factor Analyzes and Structural Equation Modeling is used.

Keywords

Information security, Security awareness, Structural equation modeling

References

• [1] J. Abawajy. User preference of cyber security awareness delivery methods, Behav Inf Technol 33(3), 237-248, 2014.
• [2] E. Albrechtsen and J. Hovden. Improving information security awareness and behaviour through dialogue, participation and collective reflection: An intervention study, Computers & Security, 29, 432-445, 2010.
• [3] I. Arce. The weakest link revisited, IEEE Secur Priv 1(2), 72-6, 2003.
• [4] G. Canbek ve S. Sagiroglu. Bilgi, bilgi güvenliği ve süreçleri üzerine bir inceleme, Politeknik Dergisi 9(3), 165-174, 2006.
• [5] S. Cakir ve M. Kesler. Bilgisayar Güvenliğini Tehdit Eden Virüsler ve Antivirüs Yazlmlar, XIV. Akademik Biliim Konferans, 551-558, 1-3 ubat, 2012.
• [6] O.F. Gokmen ve O.E. Akgun. Bilgisayar ve öğretim teknolojileri eğitimi öğretmen adaylarının bilişim güvenliği eitimi verebilmeye yönelik yeterlilik algılarının incelenmesi, Ilköğretim Online, 14(4), 1208-1221, 2015.
• [7] W. Hubbard. Methods and techniques of implementing a security awareness program, SANS Institute, white paper, 2002.
• [8] K. Jansson and R. Von Solms. Phishing for phishing awareness, Behav Inf Technol., 32(6), 584-593, 2013.
• [9] F.H. Katz. The effect of a university information security survey on instructing methods in information security, In: Proceedings of the second annual conference on information security curriculum development, 43-48, 2005.
• [10] R.B. Kline. Assumptions in structural equation modeling, In R.H. Hoyle (Ed.), Handbook of structural equation modeling, 111-125, New York, US:Guilford Press, 2010.
• [11] A. Marks. Exploring universities information systems security awareness in a changing higher education environment: a comparative case study research, PhD thesis, University of Salford, 2007.
• [12] G. Ogutcu, O.M. Testik and O. Chouseinoglou. Analysis of personal information security behavior and awareness, Computers & Security, 56, 83-93, 2016.
• [13] S. Pahnila, M. Siponen and A. Mahmood. Employees behavior towards IS security policy compliance, In: 40th Annual Hawaii International Conference on System Sciences, HICSS 2007. IEEE; 2007.
• [14] N.S.K. Pang. School values and teachers’ feelings: A LISREL model, Journal of Educational Administration, 34, 64-83, 1996.
• [15] Y. Reisinger and L. Turner. Structural equation modeling with LISREL: Application in tourism, Tourism Management, 20, 71-88, 1999.
• [16] Y. Rezgui and A. Marks. Information security awareness in higher education: An exploratory study, Computers & Security, (27), 241-253, 2008.
• [17] E.E. Rigdon. Structural Equation Modeling, In G.A. Marcoulides (Ed.), Modern Methods for Business Research, Lawrence Erlbaum, 251-294, 1998.
• [18] K. Schermelleh-Engel, H. Moosbrugger and H. Müller. Evaluating the fit of structural equation models: Tests of significance and descriptive goodness-of-fit measures, Methods of psychological research online, 8(2), 23-74, 2003.
• [19] E.E. Schultz, R.W. Proctor, M-C. Lien and G. Salvendy. Usability and security an appraisal of usability issues in information security methods, Comput Secur., 20(7), 620-634, 2001.
• [20] M.T. Siponen. A conceptual foundation for organizational information security awareness, Information Management & Computer Security, 8(1), 31-41, 2000.
• [21] J.M. Stanton, P.R. Mastrangelo, K.R. Stam and J. Jolton. Behavioral information security: two end user survey studies of motivation and security practices, In: Proceedings of the Tenth American Conference on Information Systems, New York: 2004.
• [22] M. Tekerek. Information Security Manegement, KSU Journal of Science and Engineering, 11(1), 132-137, 2008.
• [23] B.D. Voss. The ultimate defense of depth: security awareness in your company, SANS Institute, white paper, 2001.
• [24] V. Yilmaz. Consumer behavior of shopping center choice, Social Behavior and Personality, 32, 783-790, 2004.
• [25] J. Zhang, B.J. Reithel and H. Li. Impact of perceived technical protection on security behaviors, Inf Manag Comput Secur,17(4), 330-340, 2009.