Information systems security in the Greek public sector

The security aspects of public sector information systems are important as the respective systems are often part of critical infrastructures or deal with personal or sensitive data. A set of 53 Greek public sector organizations were investigated by means of a structured questionnaire concerning important aspects of information systems security. We present the relevant theoretical background, the methodology of our research, and an analysis of the obtained results. Greek public sector organizations have only a basic level of information system security awareness. Most care about digital data confidentiality; however, only a small percentage have developed a systematic, complete, and integrated approach towards the security of their information system, including internal audit procedures. The importance of proper training and generally the importance of the human factor for achieving high levels of information systems security is often underestimated.