To read the full version of this content please select one of the options below:

Exploring the relationship between student mobile information security awareness and behavioural intent

Bukelwa Ngoqo (Department of Applied Informatics, Walter Sisulu University, East London, South Africa)
Stephen V. Flowerday (Department of Information Systems, University of Fort Hare, East London, South Africa)

Information and Computer Security

ISSN: 2056-4961

Article publication date: 12 October 2015

866

Abstract

Purpose

The purpose of this paper was to analyse existing theories from the social sciences to gain a better understanding of factors which contribute to student mobile phone users’ poor information security behaviour. Two key aspects associated with information security behaviour were considered, namely, awareness and behavioural intent. This paper proposes that the knowing-and-doing gap can possibly be reduced by addressing both awareness and behavioural intent. This research paper explores the relationship between student mobile phone user information security awareness and behavioural intent in a developmental university in South Africa.

Design/methodology/approach

Information security awareness interventions were implemented in this action research study, and student information security behavioural intent was observed after each cycle.

Findings

The poor security behaviour exhibited by student mobile phone users, which was confirmed by the findings of this study, is of particular interest in the university context, as most undergraduate students are offered a computer-related course which covers certain information security-related principles. Existing researchers in the field of information security still grapple with the “knowing-and-doing” gap, where user information security knowledge/awareness sometimes does not result in safer behavioural practises.

Originality/value

Zhang et al. (2009) suggest that understanding human behaviour is important when dealing with the problems caused by human errors. Harnesk and Lindstrom (2011) expressed a concern that existing research does not address the interlinked relationship between anticipated security behaviour and the enactment of security procedures. This study acknowledges Choi et al. (2008) contribution in their discussions on the “knowing-and-doing gap” suggests a link between awareness and actual behaviour that is confirmed by the findings of this study.

Keywords

Citation

Ngoqo, B. and Flowerday, S.V. (2015), "Exploring the relationship between student mobile information security awareness and behavioural intent", Information and Computer Security, Vol. 23 No. 4, pp. 406-420. https://doi.org/10.1108/ICS-10-2014-0072

Publisher

:

Emerald Group Publishing Limited

Copyright © 2015, Emerald Group Publishing Limited

Related articles