Analiza socioloških aspekata informacione bezbednosti primenom HAIS-Q modela
Sažetak
Cilj rada je istraživanje socioloških aspekata informacione bezbednosti kroz HAIS-Q model, na Fakultetu za inženjerski menadžment. Istraživanje je sprovedeno anonimno, u vremenskom okviru od četiri meseca, na uzorku od 179 ispitanika. HAIS-Q model je izgrađen od sedam fokusnih oblasti, koje prožimaju varijable znanje, stavovi i ponašanja, dok se predmetno istraživanje usmerilo na fokusnu oblast „upotreba interneta“. Analizirajući varijable sa najnižim ocenama u jednoj od sedam fokusnih oblasti ovog modela, istražuju se nedostaci u svesti o informacionoj bezbednosti među zaposlenima. Rad ističe implikacije ovih nedostataka za organizacionu bezbednost i zaštitu informacija, sa akcentom na važnost unapređenja varijabli sa najnižim ocenama. Sveobuhvatnim razmatranjem socioloških dimenzija informacione bezbednosti, doprinosi se boljem razumevanju ove važne oblasti današnjeg digitalnog doba.
Reference
Al-Janabi, S., Al-Shourbaji, I. (2016). A Study of Cyber Security Awareness in Educational Environment in the Middle East. Journal of Information & Knowledge Management, 15(1). Available at: https://www.worldscientific.com/doi/abs/10.1142/S0219649216500076
Anwar, M., He, W., Ach, I., Yuan, X., Li, L., Xu, L. (2017). Gender difference and employes cybersecurity behaviors. Computers in Human Behavior, 69, 437–443. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0747563216308688?via%3Dihub
Blunt, S. (2022). Understanding Information Security Awareness in the American Workforce. St. Thomas University, Florida.
Bohren, O. (1998). The agent’s ethics in the principal-agent model. Journal of Business Ethics, 17 (7).
Cain, A., Edwards, E., Still, J. (2018). An exploratory study of cyber hygiene behaviors and knowledge. Journal of Information Security and Applications, 42, 36–45. Available at: https://www.sciencedirect.com/science/article/abs/pii/S2214212618301455?via%3Dihub
Cindana, J., Ruldeviyani, Y. (2019). Measuring information security awareness on employee using HAIS-Q: Case study at XYZ firms. In 2018 Internation Conference on Advanced Computer Science and Information Systems. ICACSIS 2018. Available at: https://ieeexplore.ieee.org/abstract/document/8618219/
Gratian, M., Bandi, S., Cukier, M., Dykstra, J., Ginther, A. (2018). Correlating human traits and cyber security behavior intentions. Computers & Security, 73, 345–358. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0167404817302523?via%3Dihub
Laghari, A. A., Wu, K., Laghari, R. A., Ali, M., Khan, A. A. (2021). A review and state of art of Internet of Things (IoT). Archives of Computational Methods in Engineering, 1–19. Available at: https://link.springer.com/article/10.1007/s11831-021-09622-6
Jeske, D., Van Schaik, P. (2017). Familiarity with Internet threats: Beyond awareness. Computers & Security, 66, 129–141. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0167404817300214?via%3Dihub
Kovačević, A., Putnik, N., Tošković, O. (2020). Factors Related to Cyber Security Behavior. In: IEEE Access, vol. 8, pp. 125140–125148. Available at: https://ieeexplore.ieee.org/abstract/document/9136668
Kruger, H., Drevin, L., Steyn, T. (2010). A vocabulary test to assess information security awareness. Information Management & Computer Security, 18 (5), 316–327. Available at: https://www.emerald.com/insight/content/doi/10.1108/09685221011095236/full/html
Kruger, H., Kearney, W. (2006). A prototype for assessing information security awareness. Computers & Security, 25 (4), 289–296. Available at: https://www.sciencedirect.com/ science/article/abs/pii/S0167404806000563
Liginlal, D., Sim, I., Khansa, L. (2009). How significant is human error as a cause of privacy breaches? An empirical study and a framework for error management. Computers & Security, 28, 215–228. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0167404808001181
McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., Pattinson, M. (2017). Individual differences and Information Security Awareness. Computer in Human Behavior, 69, 151–156. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0747563216308147?via%3Dihub
Moallem, A. (2019). Cybersecurity Awareness Among Students and Faculty. CRC Press. https://doi.org/10.1201/9780429031908
Olmstead, K., Smith, A. (2017). Americans and cybersecurity. Available at: https://www. pewresearch.org/internet/2017/01/26/americans-and-cybersecurity/ (accessed 27-12-2023)
Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., Jerram, C. (2014). Determining employee awareness using the human aspects of information security questionnaire (HAIS-Q). Computers & Security, 42, 165–176. Available at: https://www.sciencedirect.com/science/article/abs/pii/S016740481300179X
Parsons, K., Calic, D., Pattinson, M., Butacivius, M., McCormac, A., Zwaans, T. (2017). The Human Aspects of Information Security Questionnaire (HAIS-Q): Two further validation studies. Computers & Security, 66, 40–51. Available at: https://www.sci-encedirect.com/science/article/abs/pii/S0167404817300081
Roberts, S. (2021) . Exploring the Relationships Between User Cybersecurity Knowledge, Cybersecurity and Cybercrime Attitudes, and Online Risky Behaviors. Diss. Northcentral University.
Schultz, E. (2005). The human factor in security. Computers and security, 24 (6), 425–426.
Serrado, J., Peneira, R. F., Mira da Silva, M., Scalabrin Bianchi, I. (2020). Information secu-rity frameworks for assisting GDPR compliance in banking industry. Digital Policy, Regulation and Governance, 22 (3), 227–244. Available at: https://www.emerald.com/insight/content/doi/10.1108/DPRG-02-2020-0019/full/html
Singh, R., Tanwar, S., Sharma, T. P. (2020) . Utilization of blockchain for mitigating the distributed denial of service attacks. Security and Privacy, 3 (3), e96. Available at: https://onlinelibrary.wiley.com/doi/abs/10.1002/spy2.96
Soomro, Z. A., Shah, M. H., Ahmed, J. (2016). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36, 215–225. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0268401215001103