Search results

Due to the lack of awareness and poor cybersecurity practices that pose cyber threats during COVID-19 time, this research aims to explore user's attitude toward engaging in proactive cybersecurity awareness behavior.

Based on the theory of planned behavior, the relationship between multiple factors and their influence on the attitude is explored. A survey-based approach was utilized to collect responses and a model was proposed and tested on 229 respondents from the University of Petra-Jordan.

The attitude was significantly influenced by peers' influence and the individuals' cybersecurity threats awareness, especially threats that emerged during the COVID-19 time.

The research benefits decision makers in educational institutions who intend to develop cybersecurity awareness programs and helps them to assess user cybersecurity background weaknesses.

The research is the first to explore users' knowledge dimensions including organizational, information systems and social media as well as peers' influence on cybersecurity awareness. Also, it sheds light on the users’ perception of major cybersecurity hazards in COVID-19 time.

The purpose of this paper is to propose visualization techniques as a new representation for privacy policies instead of traditional textual representation and to examine empirically their effects on users’ information privacy awareness level.

The authors selected as a case the privacy policy of Instagram and conducted two empirical investigations, each one with three interventions and each representing a different version of the Instagram privacy policy to users. Through a pre- and a post-questionnaire, the authors examined the effects that each representation technique had on the users’ privacy awareness level.

The paper finds that visualized privacy policies lead to higher privacy awareness levels than conventional textual ones, especially when icons are included.

The authors implemented two new representation techniques offering beneficial guidelines for designing more attractive privacy policy representations. However, the samples are rather limited for generalization to the wide population; nonetheless, they are significant to demonstrate the effect of visualized techniques. The findings might also be subject to bias (e.g. brand bias), although the authors took necessary methodological actions to prevent bias.

The results and the methodology of the paper could guide practitioners for the representation of a privacy policy, given that the authors provide systematic and concrete steps.

This paper examines the value of privacy policy visualization as a new approach for enabling user privacy awareness, as well as implements two visualization techniques for a given privacy policy. The paper and its findings should be useful for researchers, as well as for practitioners.

The human factor is a major consideration in securing systems. A wide and increasing range of different technologies, devices, platforms, applications and services are being used every day by home users. In parallel, home users are also experiencing a range of different online threats and attacks and are increasingly being targeted as they lack the knowledge and awareness about potential threats and how to protect themselves. The increase in technologies and platforms also increases the burden upon a user to understand how to apply security across differing technologies, operating systems and applications. This results in managing the security across their technology portfolio increasingly more troublesome and time consuming. This paper aims to propose an approach that attempts to propose a system for improving security management and awareness for home users.

The proposed system is capable of creating and assigning different security policies for different digital devices in a user-friendly fashion. These assigned policies are monitored, checked and managed to review the user’s compliance with the assigned policies to provide bespoke awareness content based on the user’s current needs.

A novel framework was proposed for improving information security management and awareness for home users. In addition, a mock-up design was developed to simulate the proposed approach to visualise the main concept and the functions which might be performed when it is deployed in a real environment. A number of different scenarios have been simulated to show how the system can manage and deal with different types of users, devices and threats. In addition, the proposed approach has been evaluated by experts in the research domain. The overall feedback is positive, constructive and encouraging. The experts agreed that the identified research problem is a real problem. In addition, they agreed that the proposed approach is usable, feasible and effective in improving security management and awareness for home users.

The proposed design of the system is a mock-up design without real data. Therefore, implementing the proposed approach in a real environment can provide the researcher with a better understanding of the effectiveness and the functionality of the proposed approach.

This study offers a framework and usable mock-up design which can help in improving information security management for home users.

Improving the security management and awareness for home users by monitoring, checking and managing different security controls and configurations effectively are the key to strengthen information security. Therefore, when home users have a good level of security management and awareness, this could protect and secure the home network and subsequently business infrastructure and services as well.

Research on online user privacy shows that empirical evidence on how privacy literacy relates to users' information privacy empowerment is missing. To fill this gap, this paper investigated the respective influence of two primary dimensions of online privacy literacy – namely declarative and procedural knowledge – on online users' information privacy empowerment.

An empirical analysis is conducted using a dataset collected in Europe. This survey was conducted in 2019 among 27,524 representative respondents of the European population.

The main results show that users' procedural knowledge is positively linked to users' privacy empowerment. The relationship between users' declarative knowledge and users' privacy empowerment is partially supported. While greater awareness about firms and organizations practices in terms of data collections and further uses conditions was found to be significantly associated with increased users' privacy empowerment, unpredictably, results revealed that the awareness about the GDPR and user’s privacy empowerment are negatively associated. The empirical findings reveal also that greater online privacy literacy is associated with heightened users' information privacy empowerment.

While few advanced studies made systematic efforts to measure changes occurred on websites since the GDPR enforcement, it remains unclear, however, how individuals perceive, understand and apply the GDPR rights/guarantees and their likelihood to strengthen users' information privacy control. Therefore, this paper contributes empirically to understanding how online users' privacy literacy shaped by both users' declarative and procedural knowledge is likely to affect users' information privacy empowerment. The study empirically investigates the effectiveness of the GDPR in raising users' information privacy empowerment from user-based perspective. Results stress the importance of greater transparency of data tracking and processing decisions made by online businesses and services to strengthen users' control over information privacy. Study findings also put emphasis on the crucial need for more educational efforts to raise users' awareness about the GDPR rights/guarantees related to data protection. Empirical findings also show that users who are more likely to adopt self-protective approaches to reinforce personal data privacy are more likely to perceive greater control over personal data. A broad implication of this finding for practitioners and E-businesses stresses the need for empowering users with adequate privacy protection tools to ensure more confidential transactions.

Online social network (OSN) users have a high propensity to malware threats due to the trust and persuasive factors that underpin OSN models. The escalation of social engineering malware encourages a growing demand for end-user security awareness measures. The purpose of this paper is to take the theoretical cybersecurity awareness model TTAT-MIP and test its feasibility via a Facebook app, namely social network criminal (SNC).

The research employs a mixed-methods approach to evaluate the SNC app. A system usability scale measures the usability of SNC. Paired samples t-tests were administered to 40 participants to measure security awareness – before and after the intervention. Finally, 20 semi-structured interviews were deployed to obtain qualitative data about the usefulness of the App itself.

Results validate the effectiveness of OSN apps utilising a TTAT-MIP model – specifically the mass interpersonal persuasion (MIP) attributes. Using TTAT-MIP as a guidance, practitioners can develop security awareness systems that better leverage the intra-relationship model of OSNs.

The primary limitation of this study is the experimental settings. Although the results testing the TTAT-MIP Facebook app are promising, these were set under experimental conditions.

SNC enable persuasive security behaviour amongst employees and avoid potential malware threats. SNC support consistent security awareness practices by the regular identification of new threats which may inspire the creation of new security awareness videos.

The structure of OSNs is making it easier for malicious users to carry out their activities without the possibility of detection. By building a security awareness programme using the TTAT-MIP model, organisations can proactively manage security awareness.

Many security systems are cumbersome, inconsistent and non-specific. The outcome of this research provides organisations and security practitioners with a framework for designing and developing proactive and tailored security awareness systems.

Wiki forms a new model of virtual collaboration. The original wiki is designed to hide content authorship information. Such design may hinder users from being aware of task conflict, resulting in low-efficient conflict management and decreased group performance. This study aims at increasing users' awareness of task conflict to facilitate wiki-based collaboration.

A visual feedback dialog box is designed to increase users' awareness of task conflict. A survey-based comparative study is conducted by using original wiki and modified wiki (the new design). A total of 301 participants are invited. Structural equation model (SEM) is used to analyze survey data.

Most users are willing to solve conflict issues, and the dialog box can increase users' awareness of task conflict. Conflict awareness can promote user's participation, gain better conflict resolution and improve group performance. The dialog box can enhance the influence of conflict awareness on user participation and conflict resolution, but reduce the influence of conflict awareness on group performance.

Only undergraduate students are invited, some typical variables are not included. The design needs improvement.

A new wiki tool is designed. The influence of conflict awareness is explored while previous studies largely ignore this variable.

Social media has created a new level of interconnected communication. However, the use of online platforms brings about various ways in which a user’s personal data can be put at risk. This study aims to investigate what drives the disclosure of personal information online and whether an increase in awareness of the value of personal information motivates users to safeguard their information.

Fourteen university students participated in a mixed-methods experiment, where responses to Likert-type scale items were combined with responses to interview questions to provide insight into the cost–benefit analysis users conduct when disclosing information online.

Overall, the findings indicate that users are able to disregard their concerns due to a resigned and apathetic attitude towards privacy. Furthermore, subjective norms enhanced by fear of missing out (FOMO) further allows users to overlook potential risks to their information in order to avoid social isolation and sanction. Alternatively, an increased awareness of the personal value of information and having experienced a previous privacy violation encourage the protection of information and limited disclosure.

This study provides insight into privacy and information disclosure on social media in South Africa. To the knowledge of the researchers, this is the first study to include a combination of the theory of planned behaviour and the privacy calculus model, together with the antecedent factors of personal valuation of information, trust in the social media provider, FOMO.

The frequency and sophistication of cybercrimes are increasing. These cybercrimes are impacting government and private organizations as well as individuals. One of the countermeasures is to improve the cyber hygiene of the end-users. Serious games or game-based learning has emerged as a promising approach for implementing security education, training and awareness program. In this paper, the researchers propose a tabletop card game called Cyber Suraksha to increase threat awareness and motivate users to adopt recommended security controls for smartphone users. Cyber Suraksha provides an active learning environment for the players. This paper aims to provide the details of the design and evaluation of the game using a between-subjects design.

The researchers have used constructive learning theory and the Fogg behaviour model (FBM) to design a tabletop card game called Cyber Suraksha. The researchers evaluated the game using a between-subjects design. The participants' responses in the control and intervention groups were collected using the risk behaviour diagnosis scale. Pearson’s Chi-Square test with a 5% significance level was used to test the hypotheses.

The results indicate that the game is enjoyable and fun. Cyber Suraksha game effectively motivates users to adopt the recommended security control for the targeted behaviour. The results indicate that the participants in the intervention group are 2.65 times more likely to adopt recommended behaviour. The findings of this study provide evidence for the effectiveness of hope and fear appeals in improving cybersecurity awareness.

The generalizability of the study is limited because the sample size is small compared to the total number of smartphone users in India, and only students from computer/IT UG programs in India are used as participants in this study.

This study uses hope and a fear appeal to design an effective serious game. It also demonstrates using the FBM and constructive learning principles for effective serious game design. Cyber Suraksha is effective for the student group and may be tested with other age groups.

To the researchers' knowledge, there are no serious games for cybersecurity awareness focusing on the threats faced by smartphone users based on FBM and constructive learning theory. This research used hope along with a fear appeal to motivate smartphone users to adopt recommended security controls.

This study aims to ascertain the impact of data collecting awareness on perceived information security concerns and information-sharing behavior on social networking sites.

Based on communication privacy management theory, the study forecasted the relationship between information-sharing behavior and awareness of data collecting purposes, data collection tactics and perceived security risk using structural equation modeling analysis and one-way ANOVA. The sample size of 521 young social media users in Vietnam, ages 18 to 34, was made up of 26.7% men and 73.3% women. When constructing the questionnaire survey method with lone source respondents, the individual’s unique awareness and experiences with using online social networks (OSNs) were taken into account.

The results of the investigation demonstrate a significant relationship between information-sharing and awareness of data collecting, perceptions of information security threats and behavior. Social media users have used OSN privacy settings and paid attention to the sharing restriction because they are concerned about data harvesting.

This study was conducted among young Vietnamese social media users, reflecting specific characteristics prevalent in the Vietnamese environment, and hence may be invalid in other nations’ circumstances.

Social media platform providers should improve user connectivity by implementing transparent privacy policies that allow users to choose how their data are used; have clear privacy statements and specific policies governing the use of social media users’ data that respect users’ consent to use their data; and thoroughly communicate how they collect and use user data while promptly detecting any potential vulnerabilities within their systems.

The authors ascertain that the material presented in this manuscript will not infringe upon any statutory copyright and that the manuscript will not be submitted elsewhere while under Journal of Information, Communication and Ethics in Society review.

This paper aims to investigate the impact of perceived price level and information security awareness on computer users’ attitude. Moreover, this study aims to investigate the effect of attitude, subjective norms and perceived behavioral control (PBC) on intention to use anti-malware software.

Data were collected using a structured questionnaire from 225 students of five public universities in Malaysia. Purposive sampling technique was used in this study. AMOS 24 was used to test the research framework using a two-step approach.

Findings give support to some of the hypotheses developed with R2 values of 0.521 for attitude and 0.740 for intention. Perceived price level had a negative effect on attitude while information security awareness had a positive effect on attitude and intention. Attitude, subjective norms and PBC were all positively related to intention, but perceived price level did not affect intention. This suggests that benefits of using anti-malware are more than its price value. Therefore, the price has no direct effect on intention to use.

University computer networks are as open and inviting as their campuses. Therefore, this research can be helpful to the universities to safeguard their networks and encourage the students to use anti-malware. However, using anti-malware software will enable an individual to identify and prioritize security risks, quickly detect and mitigate security breaches, improve the understanding of security gaps and safeguard the sensitive data by minimizing the risks related to malware.

This study ventured to model the information security behavior of anti-malware usage by individual users by using the theory of planned behavior with the addition of two new variables, perceived price level and information security awareness to explain the behavior better.