Knowledge of Information Security Awareness and Practices for Home Users: Case Study in Libya

Authors

  • Hamida Asker Nalut University
  • Abdalmonem Tamtam Nalut University

Keywords:

Security awareness, Security practice, Information security, home users

Abstract

The abundance of information available through the Internet, mobile applications, and cloud computing has made it convenient for users to access a wide range of information. However, this convenience comes with a cost as this information is constantly at risk of being compromised by cybercriminals and hackers. While the recognition of the potential dangers of information security is increasing in developed countries, in regions like Libya in North Africa, the level of protection for this information is insufficient.

The purpose of this study is to examine the various factors that may influence or affect the users’ practice and awareness at home. The investigated factors are policy, behavior, training, knowledge of IT and education. In order to accomplish the goals of this study, a quantitative methodology was implemented. Specifically, a survey was created to assess the correlation between key factors and security awareness and practices in the home environment. The survey attracted 220 respondents and analyzed using Bivariate/Pearson Correlation to determine the relationship between the independent variable and the dependent variable. The result of the study showed that there was a moderate positive correlation between policy, knowledge of IT and education with security awareness and practice, but behavior factor has a low correlation. These results indicated that security awareness and practice level of employees at home are mostly at the middle level. It is hoped that the present study provides an initial step to focus on security training sessions among higher education employees to reflect new knowledge on the importance of security training to increase the knowledge of information security.

It is hoped that the findings of this study will serve as a starting point for further research and focus on providing security information for public, which will help to reflect new knowledge on the importance of security training and increase awareness of information security.

References

Asker, H., and Tamtam, A. 2020. "An investigate of the information

security awareness and practice level among third level education

staff, case study in Nalut Libya" European Scientific Journal. Vol.

No. 15. pp. 20- 33

Colwill, C. 2009. "Human factors in information security: The insider

threat–Who can you trust these days?" Information security technical

report. Vol. 14. pp. 186- 196

Doherty, N. F., Anastasakis, L., and Fulford, H. 2009. "The

information security policy unpacked: A critical study of the content

of university policies". International Journal of Information

Management, 29(6), pp. 449-457.

Edwards, k. 2015. Examining the Security Awareness, Information

Privacy, and the Security Behaviors of Home Computer Users. Thesis

Degree of Doctor of Philosophy, College of Engineering and

Computing Nova Southeastern University.

Fakeh, S. K. W., Zulhemay, M. N., Shahibi, M. S., Ali, J., and Zaini,

M. K. 2012. "Information Security Awareness Amongst Academic

Librarians". Journal of Applied Sciences Research, 8(3), pp. 1723-

Furnell, S., and Evangelatos, K. 2007. "Public Awareness and

Perceptions of Biometrics". Computer Fraud & Security, 2007. 1, pp.

-13.

Halim, A. Abu Bakar, A. Hamid, H. and Alwi, N. 2008. "A Study of

Information Security Awareness Among USIM Staff". Technical

Report. USIM.

Huang, D. L., Patrick Rau, P. L., Salvendy, G., Gao, F., and Zhou, J.

"Factors affecting perception of information security and their

impacts on IT adoption and security practices". International Journal

of Human-Computer Studies, 69(12), pp. 870-883.

Hight, S. D. 2005. "The importance of a security, education, training

and awareness program", November 2005. Retrieved on 10 March

from: http://www.infosecwriters.com/text resources/pdf/SETA

SHight.pdf.

Ishak, I.S., Ishak, I.S., Abu Hassan, R., Suradi, Z., and Mansor, Z.

"Information Security Awareness and Practices In Malaysian

IHLs: A Study at UNISEL". DOI: 10.15224/978-1-63248-034-7-29

Conference: Second Intl. Conf. on Advances in Computing,

Electronics and Electrical Technology - CEET 2014, At Kuala

Lumpur.

Jaeger, L. (2018, January). Information security awareness: literature

review and integrative framework. In Proceedings of the 51st Hawaii

International Conference on System Sciences

Kritzinger, E., and von Solms, S. H. 2010. "Cyber security for home

users: A new way of protection through awareness

enforcement". Computers & Security, 29(8), pp. 840-847

Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., and

Jerram, C. 2014. "Determining employee awareness using the Human

Aspects of Information Security Questionnaire (HAIS-Q)".

Computers & Security, 42, pp.165-176.

Parsons, K., McCormac, A., Butavicius, M., and Ferguson, L. 2010. "

Human factors and information security: individual, culture and

security environment". (No. DSTO-TR-2484). Defence Science and

Technology Organization Edinburgh (AUSTRALIA) Command

Control Communications and Intelligence Div. Technical Report

Roy Sarkar, K. 2010. "Assessing Insider Threats to Information

Security Using Technical, Behavioral and Organisational Measures".

Information Security Technical Report. Vol. 15. pp. 112-133.

Rhee, H. S., Kim, C., and Ryu, Y. U. 2009. "Self-efficacy in

information security: Its influence on end users' information security

practice behavior". Computers & Security, 28 (8), pp. 816-826.

Schneier, B. 2011. "Secrets and lies: digital security in a networked

world". John Wiley & Sons. ISBN. 0-471-25311-1.

Specops company 2020. “Which Country Has the Highest Number of

Significant Cyber-Attacks”. Retrieved on 10 March 2022 from:

https://specopssoft.com/blog/countries-experiencing-significantcyber-attacks/

Schultz, E. 2004."Security Training and Awareness Fitting a Square

peg in a Round Hole". Computers & Security, 23 (1), pp. 1-2.

Talib, S., Clarke, N. L., & Furnell, S. M. 2012. "Establishing A

Personalized Information Security Culture". International Journal of

Mobile Computing and Multimedia Communications

(IJMCMC), 3(1), pp. 63-79.

Talib, S., Clarke, N. L., and Furnell, S. M. 2010. "An analysis of

information security awareness within home and work

environments". In Availability, Reliability, and Security, 2010.

ARES'10 International Conference on (pp. 196-203). IEEE

Tsohou, A., Karyda, M., Kokolakis, S., and Kiountouzis, E. 2010.

"Analyzing information security awareness through networks of

association". In Trust, Privacy and Security in Digital Business (pp.

-237). Springer Berlin Heidelberg.

Takemura, T. 2010."A quantitative study on Japanese workers'

awareness to information security using the data collected by webbased survey. American Journal of Economics and Business

Administration, 2(1), pp. 20- 26.

Wilson, M., and Hash, J. 2003."Building an information technology

security awareness and training program". NIST Special

publication, 800, 50.

Downloads

Published

2023-03-01

How to Cite

Asker, H., & Tamtam, A. (2023). Knowledge of Information Security Awareness and Practices for Home Users: Case Study in Libya. ESI Preprints, 14, 22. Retrieved from https://esipreprints.org/index.php/esipreprints/article/view/283

Issue

Vol. 14 (2023): ESI Preprints

Section

Preprints

License

Copyright (c) 2023 ESI Preprints

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.