The Awareness Of Information Security Breach Among User IT In KPTMBP

The Awareness Of Information Security Breach Among User IT In KPTMBP

Recently, network security has become a major concern in cyber world. Thus, the need in cyber security is higher in order to make our data safety and privacy. The usages of internet are widely used in internet banking, online shopping, data storage, global positioning system, media and many other so...

Full description

Saved in:
Bibliographic Details
Main Author: Othman, Intan Safina
Format: Thesis
Language:English
English
Published: 2016
Subjects:
T Technology (General)
Online Access:http://eprints.utem.edu.my/id/eprint/18838/1/The%20Awareness%20Of%20Information%20Security%20Breach%20Among%20User%20IT%20In%20KPTMBP%2024%20Pages.pdf
http://eprints.utem.edu.my/id/eprint/18838/2/The%20Awareness%20Of%20Information%20Security%20Breach%20Among%20User%20IT%20In%20KPTMBP.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
id my-utem-ep.18838
record_format uketd_dc
institution Universiti Teknikal Malaysia Melaka
collection UTeM Repository
language English
English
topic T Technology (General)
T Technology (General)
spellingShingle T Technology (General)
T Technology (General)
Othman, Intan Safina
The Awareness Of Information Security Breach Among User IT In KPTMBP
description Recently, network security has become a major concern in cyber world. Thus, the need in cyber security is higher in order to make our data safety and privacy. The usages of internet are widely used in internet banking, online shopping, data storage, global positioning system, media and many other social applications. Security became a critical aspect in an overall information security area. Human error becomes a vulnerable to security breaches if a user did not practice safety behavior. Therefore, this study was conducted to investigate the unsatisfactory factors towards individual, organization and information security awareness towards security breach among user in Kolej Poly-Tech MARA Batu Pahat (KPTM). By observing the literature review and related research, this study proposed a research model of the awareness of security breach relying on the individual, organization and information security awareness. In conjunction with proposed model, this study addresses 2 hypothesis which are; H1- there is no relationship between independence variables and dependence variable; H2- there is a relationship between independence variables and dependence variable. The descriptive research has been used to investigate awareness of information security that focus on human error, policy and procedure and information security awareness in education and experience by distributing the questionnaires. The respondents of this study involve 155 of user in KPTM that used techniques of snowballs to gather the data. This study might help IT Officer in Batu Pahat or others branches in KPTM to monitor the awareness level of users towards information security, thus can design an information security awareness programs like campaign, seminar and case study. Meanwhile, KPTM Batu Pahat also can design a more robust system policy and procedure that would ensure the systems with a condition of confidentiality, integrity and availability of the system. For future work, this study can be implement in different private and public colleagues and universities mainly at west region to cover a large population of sampling.
format Thesis
qualification_name Master of Philosophy (M.Phil.)
qualification_level Master's degree
author Othman, Intan Safina
author_facet Othman, Intan Safina
author_sort Othman, Intan Safina
title The Awareness Of Information Security Breach Among User IT In KPTMBP
title_short The Awareness Of Information Security Breach Among User IT In KPTMBP
title_full The Awareness Of Information Security Breach Among User IT In KPTMBP
title_fullStr The Awareness Of Information Security Breach Among User IT In KPTMBP
title_full_unstemmed The Awareness Of Information Security Breach Among User IT In KPTMBP
title_sort awareness of information security breach among user it in kptmbp
granting_institution Universiti Teknikal Malaysia Melaka
granting_department Faculty of Information and Communication Technology
publishDate 2016
url http://eprints.utem.edu.my/id/eprint/18838/1/The%20Awareness%20Of%20Information%20Security%20Breach%20Among%20User%20IT%20In%20KPTMBP%2024%20Pages.pdf
http://eprints.utem.edu.my/id/eprint/18838/2/The%20Awareness%20Of%20Information%20Security%20Breach%20Among%20User%20IT%20In%20KPTMBP.pdf
_version_ 1747833952893140992
spelling my-utem-ep.188382021-10-08T16:06:45Z The Awareness Of Information Security Breach Among User IT In KPTMBP 2016 Othman, Intan Safina T Technology (General) TK Electrical engineering. Electronics Nuclear engineering Recently, network security has become a major concern in cyber world. Thus, the need in cyber security is higher in order to make our data safety and privacy. The usages of internet are widely used in internet banking, online shopping, data storage, global positioning system, media and many other social applications. Security became a critical aspect in an overall information security area. Human error becomes a vulnerable to security breaches if a user did not practice safety behavior. Therefore, this study was conducted to investigate the unsatisfactory factors towards individual, organization and information security awareness towards security breach among user in Kolej Poly-Tech MARA Batu Pahat (KPTM). By observing the literature review and related research, this study proposed a research model of the awareness of security breach relying on the individual, organization and information security awareness. In conjunction with proposed model, this study addresses 2 hypothesis which are; H1- there is no relationship between independence variables and dependence variable; H2- there is a relationship between independence variables and dependence variable. The descriptive research has been used to investigate awareness of information security that focus on human error, policy and procedure and information security awareness in education and experience by distributing the questionnaires. The respondents of this study involve 155 of user in KPTM that used techniques of snowballs to gather the data. This study might help IT Officer in Batu Pahat or others branches in KPTM to monitor the awareness level of users towards information security, thus can design an information security awareness programs like campaign, seminar and case study. Meanwhile, KPTM Batu Pahat also can design a more robust system policy and procedure that would ensure the systems with a condition of confidentiality, integrity and availability of the system. For future work, this study can be implement in different private and public colleagues and universities mainly at west region to cover a large population of sampling. UTeM 2016 Thesis http://eprints.utem.edu.my/id/eprint/18838/ http://eprints.utem.edu.my/id/eprint/18838/1/The%20Awareness%20Of%20Information%20Security%20Breach%20Among%20User%20IT%20In%20KPTMBP%2024%20Pages.pdf text en public http://eprints.utem.edu.my/id/eprint/18838/2/The%20Awareness%20Of%20Information%20Security%20Breach%20Among%20User%20IT%20In%20KPTMBP.pdf text en validuser https://plh.utem.edu.my/cgi-bin/koha/opac-detail.pl?biblionumber=101690 mphil masters Universiti Teknikal Malaysia Melaka Faculty of Information and Communication Technology 1. Ajzen, I. (1988). Attitudes, personality, and behavior. Homewood, IL, US: Dorsey Press. 2. Ajzen, I. (1991). The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50, 179–211. 3. Ajzen, I., & Fishbein, M. (1980). Understanding attitudes and predicting social. Behaviour. Englewood Cliffs, NJ: Prentice-Hall. 4. Ahlan, A.R., Lubis, M., and Lubis, A.R., 2015. Information Security Awareness at the Knowledge-Based Institution: Its Antecedents and Measures. Procedia Computer Science, 72, pp.361–373. 5. Ahmed, M., Sharif, L., Kabir, M., and Al-Maimani, M., 2012. Human errors in Information Security. International Journal of Advanced Trends in Computer Science, 1 (3), pp.82–87. 6. Al-awadi, M. and Renaud, K., 2007. Success factors in information security: implementation in organizations. ADIS International Conference e-Society, pp.169–176. 7. Allam, S., Flowerday, S. V., and Flowerday, E., 2014. Smartphone information security awareness: A victim of operational pressures. Computers & Security, 42, pp.56–65. 8. Al-Omari, A., El-Gayar, O., and Deokar, A., 2012. Security Policy Compliance: User Acceptance Perspective. 2012 45th Hawaii International Conference on System Sciences, pp.3317–3326. 9. Antunes, N. and Vieira, M., 2012. Defending against Web Application Vulnerabilities. Computer. 10. Cassar, V. and Briner, R.B., 2011. The relationship between psychological contract breach and organizational commitment: Exchange imbalance as a moderator of the mediating role of violation. Journal of Vocational Behavior, 78 (2), pp.283–289. 11. Chasaki, D. and Wolf, T., 2012. Attacks and defenses in the data plane of networks. IEEE Transactions on Dependable and Secure Computing, 9 (6), pp.798–810. 12. Contena, B., Loscalzo, Y., and Taddei, S., 2015. Surfing on Social Network Sites. Computers in Human Behavior, 49, pp.30–37. 13. Cox, J., 2012. Information systems user security: A structured model of the knowing-doing gap. Computers in Human Behavior, 28 (5), pp.1849–1858. 14. Dalai, A.K., Panigrahy, S.K., and Jena, S.K., 2012. A Novel Approach for Message Authentication to Prevent Parameter Tampering Attack in Web Applications. Procedia Engineering, 38, pp.1495–1500. 15. Deloitte, 2011. Raising the Bar 2011 TMT Global Security Study – Key Findings. Deloitte. 16. Dodge, R.C., Carver, C., and Ferguson, A.J., 2007. Phishing for user security awareness. Computers & Security, 26 (1), pp.73–80. 17. Evans, J.D., 1996. Straightforward Statistics for the Behavioral Sciences, pp.122. 18. Farooq, A. and Isoaho, J., 2016. Information Security Awareness in Educational Institution : An Analysis of Students ’ Individual Factors Information Security Awareness in Educational Institution : An Analysis of Students ’ Individual Factors, (AUGUST 2015). 19. Gingrich, P., 2004. Chapter 11 Association Between Variables. Introductory Statistics for the Social Sciences - http://uregina.ca/~gingrich/text.htm, pp.794–835. 20. Hassan, N.H., Ismail, Z., and Maarop, N., 2015. Information Security Culture: A Systematic Literature Revier. Proceedings of the 5th International Conference on Computing and Informatics, ICOCI 2015, (205), pp.456–463. 21. Hauke, J. and Kossowski, T., 2011. Comparison of Values of Pearson’s and Spearman's Correlation Coefficients on the Same Sets of Data. Quaestiones Geographicae, 30 (2), pp.87–93. 22. Herath, T. and Rao, H.R., 2009. Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness. Decision Support Systems, 47 (2), pp.154–165. 23. Hilton, A., Hilton, A., Armstrong, R., and Armstrong, R., 2006. Stat Note 6 - post hoc ANOVA tests. Microbiologist, (September), pp.34–36. 24. Ifinedo, P., 2012. Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers and Security, 31 (1), pp.83–95. 25. Ifinedo, P., 2014. Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition. Information & Management, 51 (1), pp.69–79. 26. Infrastructure, F.O.R. and Group, A., 2002. Cyber Attack Techniques and Defense Mechanisms, (June). 27. Jang-Jaccard, J. and Nepal, S., 2014. A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences, 80 (5), pp.973–993. 28. Jen, W., Lu, T., and Liu, P., 2009. An Integrated Analysis of Technology Acceptance Behaviour Models : Comparison of Three Major Models. MIS Review, 15 (1), pp.89–121. 29. Kim Peterson, n.d. 5 Sony Pictures films leak online after massive hack - CBS News [online]. CBS Interactive Inc. 30. KPTM Official Website [online], 2016. Available at: http://www.kptm.edu.my/ [Accessed 6 Jan 2016]. 31. Kraemer, S., Carayon, P., and Clem, J., 2009. Human and organizational factors in computer and information security: Pathways to vulnerabilities. Computers & Security, 28 (7), pp.509–520. 32. Kruger, H.A. and Kearney, W.D., 2006. A prototype for assessing information security awareness. Computers & Security, 25 (4), pp.289–296. 33. Lacey, D., 2009. Managing the Human Factor in Information Security. 34. Madden, T.J., Ellen, P.S., and Ajzen, I., 1992. A Comparison of the Theory of Planned Behavior and the Theory of Reasoned Action. Personality and Social Psychology Bulletin, 18 (1), pp.3–9. 35. Metalidou, E., Marinagi, C., Trivellas, P., Eberhagen, N., Skourlas, C., and Giannakopoulos, G., 2014. The Human Factor of Information Security: Unintentional Damage Perspective. Procedia - Social and Behavioral Sciences, 147, pp.424–428. 36. Mohamed, D. binti, 2013. Combating the threats of cybercrimes in Malaysia: The efforts, the cyberlaws and the traditional laws. Computer Law & Security Review, 29 (1), pp.66–76. 37. Montesdioca, G.P.Z. and Maçada, A.C.G., 2015. Measuring user satisfaction with information security practices. Computers & Security, 48, pp.267–280. 38. Muniandy, L. and Muniandy, B., 2012. State of Cyber Security and the Factors Governing its Protection in Malaysia . International Journal of Applied Science and Technology , 2 (4), pp.106–112. 39. Pahnila, S. and Karjalainen, M., 2013. Information Security Behavior : Towards Multi- Stage Models. 40. Park, S.Y., 2009. An Analysis of the Technology Acceptance Model in Understanding University Students’ Behavioral Intention to Use e-Learning. Educational Technology & Society, 12 (3), pp.150–162. 41. Parsons, K., Mccormac, A., Butavicius, M., and Ferguson, L., 2010. Human Factors and Information Security : Individual , Culture and Security Environment. Science And 42. Technology, (DSTO-TR-2484), pp.45. 43. Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., and Jerram, C., 2014. Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q). Computers & Security, 42, pp.165–176. 44. Pattinson, M.R., Anderson, G., and Analyses, A., 1999. Risk Homeostasis as a Factor of Information Security. 2nd Australian Information Security Management Conference, pp.64. 45. Reason, J., 1998. Achieving a safe culture: Theory and practice. Work & Stress, 12 (3), pp.293–306. 46. Safa, N.S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N.A., and Herawan, T., 2015. Information security conscious care behaviour formation in organizations. Computers & Security, 53, pp.65–78. 47. Said, A.R., Abdullah, H., Uli, J., and Mohamed, Z.A., 2014. Relationship between Organizational Characteristics and Information Security Knowledge Management Implementation. Procedia - Social and Behavioral Sciences, 123, pp.433–443. 48. Shaw, R.S., Chen, C.C., Harris, A.L., and Huang, H., 2009. Computers & Education The impact of information richness on information security awareness training effectiveness. Computers & Education, 52 (1), pp.92–100. 49. Shih, Y. and Fang, K., 2004. The use of a decomposed theory of planned behavior to study Internet banking in Taiwan. Internet Research, 14 (3), pp.213–223. 50. Strawser, B.J. and Joy, D.J., 2015. Cyber Security and User Responsibility: Surprising Normative Differences. Procedia Manufacturing, 3 (Ahfe), pp.1101–1108. 51. Tavakol, M. and Dennick, R., 2011. Making sense of Cronbach’s alpha. International Journal of Medical Education, 2, pp.53–55. 52. Tayouri, D., 2015. ScienceDirect The human factor in the social media security –combining education and technology to reduce social engineering risks and damages. Procedia Manufacturing, 3 (Ahfe), pp.1096–1100. 53. Truong, Y., 2009. An Evaluation of the Theory of Planned Behaviour in Consumer Acceptance of Online Video and Television Services. The Electronic Journal Information System Evaluation, 12 (2), pp.177–186. 54. Vallerand, R.J., Deshaies, P., Cuerrier, J.-P., Pelletier, L.G., and Et Al, 1992. Ajzen and Fishbein’s theory of reasoned action as applied to moral behavior: A confirmatory analysis. Journal of Personality and Social Psychology. 55. Da Veiga, A., Martins, N., and Eloff, J.H.P., 2007. Information security culture – validation of an assessment instrument. South African Business Review, 11 (1), pp.147–166. 56. Veiga, A. and Martins, N., 2015. Improving the information security culture through monitoring and implementation actions illustrated through a case study. Computers & Security, 49, pp.162–176. 57. Vladlena, B., Saridakis, G., Tennakoon, H., and Ezingeard, J.N., 2015. The role of security notices and online consumer behaviour: An empirical study of social networking users. International Journal of Human-Computer Studies, 80 (December 2014), pp.36–44. 58. Weiss, T. and Loebbecke, C., 2008. Online Gaming Adoption in Competitive Social Networks: Combining the Theory of Planned Behavior and Social Network Theory. Americas Conference on Information Systems, pp.1–11. 59. Welcome to KPTM Batu Pahat Official Website [online], 2016. Available at: http://bpahat.kptm.edu.my/v2/index.php/my/ [Accessed 6 Jan 2016]. 60. Yen, D.C., Wu, C.-S., Cheng, F.-F., and Huang, Y.-W., 2010. Determinants of users’ intention to adopt wireless technology: An empirical study by integrating TTF with TAM. Computers in Human Behavior, 26 (5), pp.906–915. 61. Zainol, Z., Nelson, S.P., and Malami, A., 2012. Internal Human based Threats and Security Controls in Computerized Banking Systems: Evidence from Malaysia. Procedia - Social and Behavioral Sciences, 65 (ICIBSoS), pp.199–204. 62. Zhiwei, Y. and Zhongyuan, J., 2012. A Survey on the Evolution of Risk Evaluation for Information Systems Security. Energy Procedia, 17, pp.1288–1294.

Similar Items