Analiza socioloških aspekata informacione bezbednosti primenom HAIS-Q modela

  • Nenad M. Jevtić Univerzitet „Union – Nikola Tesla“, Fakultet za inženjerski menadžment, Beograd (Srbija)
  • Jelena D. Raut Univerzitet „Union – Nikola Tesla“, Fakultet za inženjerski menadžment, Beograd (Srbija)
DOI: https://doi.org/10.5937/socpreg58-47480
Ključne reči: informaciona bezbednost, HAIS-Q model, svest o informacionoj bezbednosti (ISA), percepcija rizika, organizaciona bezbednost

Sažetak


Cilj rada je istraživanje socioloških aspekata informacione bezbednosti kroz HAIS-Q model, na Fakultetu za inženjerski menadžment. Istraživanje je sprovedeno anonimno, u vremenskom okviru od četiri meseca, na uzorku od 179 ispitanika. HAIS-Q model je izgrađen od sedam fokusnih oblasti, koje prožimaju varijable znanje, stavovi i ponašanja, dok se predmetno istraživanje usmerilo na fokusnu oblast „upotreba interneta“. Analizirajući varijable sa najnižim ocenama u jednoj od sedam fokusnih oblasti ovog modela, istražuju se nedostaci u svesti o informacionoj bezbednosti među zaposlenima. Rad ističe implikacije ovih nedostataka za organizacionu bezbednost i zaštitu informacija, sa akcentom na važnost unapređenja varijabli sa najnižim ocenama. Sveobuhvatnim razmatranjem socioloških dimenzija informacione bezbednosti, doprinosi se boljem razumevanju ove važne oblasti današnjeg digitalnog doba.

Reference

Al-Janabi, S., Al-Shourbaji, I. (2016). A Study of Cyber Security Awareness in Educational Environment in the Middle East. Journal of Information & Knowledge Management, 15(1). Available at: https://www.worldscientific.com/doi/abs/10.1142/S0219649216500076

Anwar, M., He, W., Ach, I., Yuan, X., Li, L., Xu, L. (2017). Gender difference and employes cybersecurity behaviors. Computers in Human Behavior, 69, 437–443. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0747563216308688?via%3Dihub

Blunt, S. (2022). Understanding Information Security Awareness in the American Workforce. St. Thomas University, Florida.

Bohren, O. (1998). The agent’s ethics in the principal-agent model. Journal of Business Ethics, 17 (7).

Cain, A., Edwards, E., Still, J. (2018). An exploratory study of cyber hygiene behaviors and knowledge. Journal of Information Security and Applications, 42, 36–45. Available at: https://www.sciencedirect.com/science/article/abs/pii/S2214212618301455?via%3Dihub

Cindana, J., Ruldeviyani, Y. (2019). Measuring information security awareness on employee using HAIS-Q: Case study at XYZ firms. In 2018 Internation Conference on Advanced Computer Science and Information Systems. ICACSIS 2018. Available at: https://ieeexplore.ieee.org/abstract/document/8618219/

Gratian, M., Bandi, S., Cukier, M., Dykstra, J., Ginther, A. (2018). Correlating human traits and cyber security behavior intentions. Computers & Security, 73, 345–358. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0167404817302523?via%3Dihub

Laghari, A. A., Wu, K., Laghari, R. A., Ali, M., Khan, A. A. (2021). A review and state of art of Internet of Things (IoT). Archives of Computational Methods in Engineering, 1–19. Available at: https://link.springer.com/article/10.1007/s11831-021-09622-6

Jeske, D., Van Schaik, P. (2017). Familiarity with Internet threats: Beyond awareness. Computers & Security, 66, 129–141. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0167404817300214?via%3Dihub

Kovačević, A., Putnik, N., Tošković, O. (2020). Factors Related to Cyber Security Behavior. In: IEEE Access, vol. 8, pp. 125140–125148. Available at: https://ieeexplore.ieee.org/abstract/document/9136668

Kruger, H., Drevin, L., Steyn, T. (2010). A vocabulary test to assess information security awareness. Information Management & Computer Security, 18 (5), 316–327. Available at: https://www.emerald.com/insight/content/doi/10.1108/09685221011095236/full/html

Kruger, H., Kearney, W. (2006). A prototype for assessing information security awareness. Computers & Security, 25 (4), 289–296. Available at: https://www.sciencedirect.com/ science/article/abs/pii/S0167404806000563

Liginlal, D., Sim, I., Khansa, L. (2009). How significant is human error as a cause of privacy breaches? An empirical study and a framework for error management. Computers & Security, 28, 215–228. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0167404808001181

McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., Pattinson, M. (2017). Individual differences and Information Security Awareness. Computer in Human Behavior, 69, 151–156. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0747563216308147?via%3Dihub

Moallem, A. (2019). Cybersecurity Awareness Among Students and Faculty. CRC Press. https://doi.org/10.1201/9780429031908

Olmstead, K., Smith, A. (2017). Americans and cybersecurity. Available at: https://www. pewresearch.org/internet/2017/01/26/americans-and-cybersecurity/ (accessed 27-12-2023)

Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., Jerram, C. (2014). Determining employee awareness using the human aspects of information security questionnaire (HAIS-Q). Computers & Security, 42, 165–176. Available at: https://www.sciencedirect.com/science/article/abs/pii/S016740481300179X

Parsons, K., Calic, D., Pattinson, M., Butacivius, M., McCormac, A., Zwaans, T. (2017). The Human Aspects of Information Security Questionnaire (HAIS-Q): Two further validation studies. Computers & Security, 66, 40–51. Available at: https://www.sci-encedirect.com/science/article/abs/pii/S0167404817300081

Roberts, S. (2021) . Exploring the Relationships Between User Cybersecurity Knowledge, Cybersecurity and Cybercrime Attitudes, and Online Risky Behaviors. Diss. Northcentral University.

Schultz, E. (2005). The human factor in security. Computers and security, 24 (6), 425–426.

Serrado, J., Peneira, R. F., Mira da Silva, M., Scalabrin Bianchi, I. (2020). Information secu-rity frameworks for assisting GDPR compliance in banking industry. Digital Policy, Regulation and Governance, 22 (3), 227–244. Available at: https://www.emerald.com/insight/content/doi/10.1108/DPRG-02-2020-0019/full/html

Singh, R., Tanwar, S., Sharma, T. P. (2020) . Utilization of blockchain for mitigating the distributed denial of service attacks. Security and Privacy, 3 (3), e96. Available at: https://onlinelibrary.wiley.com/doi/abs/10.1002/spy2.96

Soomro, Z. A., Shah, M. H., Ahmed, J. (2016). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36, 215–225. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0268401215001103

Objavljeno
2024/04/27
Broj časopisa
Vol. 58 Br. 1 (2024)
Rubrika
Pregledni naučni rad

Sva prava zadržana (c) 2024 Sociološki pregled

Creative Commons License

Ovaj rad je pod Creative Commons Autorstvo-Deli pod istim uslovima 4.0 međunarodnom licencom.