Open access repository

Home Open access repository

In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).

» Openaccess proceedings » Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016)

Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016)

Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016)
Frankfurt, Germany, July 19-21, 2016
ISBN: 978-1-84102-413-4

Title: The Information Security Awareness of Bank Employees
Author(s): Malcolm Pattinson, Marcus Butavicius, Kathryn Parsons, Agata McCormac, Dragana Calic, Cate Jerram
Reference: pp189-198
Keywords: Information Security Awareness (ISA), Information Security (InfoSec), Social Desirability Bias, Fear of Reprisal
Abstract: This paper presents research that assessed the Information Security Awareness (ISA) of employees of an Australian bank and compared these results with an identical survey of the Australian general workforce. The objective of this study was to establish a form of construct validity, specifically known-groups validity, of the Human Aspects of Information Security Questionnaire (HAIS-Q). For the purposes of this study, ISA is a measure of an employee’s knowledge of, and attitude towards, their organisation’s Information Security (InfoSec) policies and procedures. This study used a web-based survey research method by utilising modules of the HAIS-Q. Individual knowledge and attitude were assessed for 198 bank employees and 500 general workforce participants. Seven InfoSec focus areas were evaluated: password management, email management, internet use, social media use, mobile computing, information handling and incident reporting. It was found that the levels of ISA for bank employees were approximately 20% better than those for the general workforce, in all InfoSec focus areas. Factors that may have contributed to this conclusive result are discussed and include social desirability bias; fear of reprisal; InfoSec education and in-house training.
Download count: 1314

How to get this paper:

Download a free PDF copy of this paperBuy this book at Lulu.com

PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.