Home   >   CSC-OpenAccess Library   >    Manuscript Information
Security Behavior Intention of Employees with Hearing Difficulties: An Empirical Comparison Study
Wisdom Umeugo
Pages - 29 - 42     |    Revised - 31-03-2023     |    Published - 30-04-2023
Volume - 17   Issue - 2    |    Publication Date - April 2023  Table of Contents
Information Security Awareness, Security Behavior, SeBIS, Deaf Security Awareness.
Human factors are frequently cited as the weakest link in the information security defense chain. Numerous studies have characterized employees as potential insider threats. Yearly industry reports persistently cite unsafe employee behavior as a leading cause of vulnerabilities and data breaches, especially in security-critical sectors such as the education, finance, government, information technology, legal, and medical sectors. Organizations spend vast sums on information security awareness (ISA) programs to improve employee security behavior. Employee security behavior intentions (SeBI) must be measured as part of gauging and tuning the effectiveness of ISA programs. Many studies measuring employee SeBI independently and as part of general employee ISA measurements have focused on homogenous populations, performing varying analyses based on information security experience, position, academic program, age, gender, and education levels. None have provided insights from the standpoint of deafness and hearing issues. This study surveyed employees in the education, finance, government, information technology, legal, medicine, military, and Policing sectors for their self-reported SeBI. The resulting SeBI scores were average. No statistically significant difference in SeBI scores was found between groups with and without hearing difficulties, although SeBI scores were slightly less for employees with hearing difficulties. The results suggested that more ISA training is needed for employees in the surveyed sectors.
Alzamil, Z. A. (2012). Information security awareness at Saudi Arabians’ organizations: an information technology employee’s perspective. International Journal of Information Security and Privacy (IJISP), 6(3), 38-55.
Arisya, K. F., Ruldeviyani, Y., Prakoso, R., & Fadhilah, A. L. (2020, November). Measurement of information security awareness level: A case study of mobile banking (m-banking) users. In 2020 Fifth International Conference On Informatics And Computing (Icic) (pp. 1-5). IEEE.
Badie, N., & Lashkari, A. H. (2012). A new Evaluation Criteria for Effective Security Awareness in Computer Risk Management based on AHP. Journal of Basic and Applied Scientific Research, 2(9),9331–9347.
Candiwan, C., Sari, P. K., & Sharif, O. O. (2022). Information Security Awareness Evaluation of Telemedicine Application Users using Human Aspect Information System Questionnaire. 2022 IEEE 8th International Conference on Computing, Engineering and Design (ICCED), 1.
Chao, C.-M. (2019). Factors determining the behavioral intention to use mobile learning: an application and extension of the UTAUT model. Frontiers in Psychology, p. 10, 1652. https://doi.org/10.3389/fpsyg.2019.01652.
Check Point Software. (2022, October 26). Check Point Research: Third quarter of 2022 reveals increase in cyberattacks and unexpected developments in global trends. Retrieved January 16, 2023, from https://blog.checkpoint.com/2022/10/26/third-quarter-of-2022-reveals-increase-in-cyberattacks/.
Cindana, A., & Ruldeviyani, Y. (2018, October). Measuring information security awareness on employee using HAIS-Q: Case study at XYZ firm. In 2018 International Conference on Advanced Computer Science and Information Systems (ICACSIS) (pp. 289-294). IEEE.
CloudSek. (2022, December 30). Unprecedented Increase in Cyber Attacks Targeting Government Entities in 2022 - CloudSEK. CloudSEK - Digital Risk Management Enterprise | Artificial Intelligence Based Cybersecurity. Retrieved January 16, 2023, from https://cloudsek.com/whitepapers_reports/unprecedented-increase-in-cyber-attacks-targeting-government-entities-in-2022/.
Cuchta, T., Blackwood, B., Devine, T. R., Niichel, R. J., Daniels, K. M., Lutjens, C. H., ... & Stephenson, R. J. (2019, September). Human risk factors in cybersecurity. In Proceedings of the 20th annual SIG conference on information technology education (pp. 87-92).
Egelman, S., & Peer, E. (2015, April). Scaling the security wall: Developing a security behavior intentions scale (sebis). In Proceedings of the 33rd annual ACM conference on human factors in computing systems (pp. 2873-2882).
Egelman, S., Harbach, M., & Peer, E. (2016, May). Behavior ever follows intention? A validation of the Security Behavior Intentions Scale (SeBIS). In Proceedings of the 2016 CHI conference on human factors in computing systems (pp. 5257-5261).
Fadhilah, A. L., Ruldeviyani, Y., Prakoso, R., & Arisya, K. F. (2021). Measurement of information security awareness level: A case study of digital wallet users. IOP Conference Series: Materials Science and Engineering, 1077(1), 012003. https://doi.org/10.1088/1757-899X/1077/1/012003.
Farooq, A., Isoaho, J., Virtanen, S., & Isoaho, J. (2015, August). Information security awareness in educational institution: An analysis of students' individual factors. In 2015 IEEE Trustcom/BigDataSE/ISPA (Vol. 1, pp. 352-359). IEEE.
Filippidis, A. P., Hilas, C. S., Filippidis, G., & Politis, A. (2018, May). Information security awareness of greek higher education students' preliminary findings. In 2018 7th International Conference on Modern Circuits and Systems Technologies (MOCAST) (pp. 1-4). IEEE.
Galba, T., Solic, K., & Lukic, I. (2015). An information security and privacy self-assessment (ISPSA) tool for internet users. Acta PolytechnicaHungarica, 12(7), 149-162. Gratian, M., Bandi, S., Cukier, M., Dykstra, J., & Ginther, A. (2018). Correlating human traits and cyber security behavior intentions. computers & security, 73, 345-358.
Griffiths, C. (2023, January 6). The Latest Cyber Crime Statistics (updated January 2023) | AAG IT Support. AAG IT Services. Retrieved January 16, 2023, from https://aag-it.com/the-latest-cyber-crime-statistics/.
Hadlington, L. (2017). Human factors in cybersecurity; examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviours. Heliyon, 3(7), e00346.
Hong, Y., Xu, M., & Furnell, S. (2023). Situational support and information security behavioural intention: a comparative study using conservation of resources theory. Behaviour & Information Technology, pp. 1-17. https://doi.org/10.1080/0144929X.2023.2177825
Jenkins, J., Durcikova, A., University of Oklahoma, USA, Nunamaker, J., & University of Arizona, USA. (2021). Mitigating the Security Intention-Behavior Gap: The Moderating Role of Required Effort on the Intention-Behavior Relationship. Journal of the Association for Information Systems, 22(1), 246-272. https://doi.org/10.17705/1jais.00660.
Kadena, E., & Gupi, M. (2021). Human Factors in Cybersecurity: Risks and Impacts. Security science journal, 2(2), 51-64.
Kruger, H. A., & Kearney, W. D. (2006). A prototype for assessing information security awareness. Computers & Security, 25(4), 289-296. https://doi.org/10.1016/j.cose.2006.02.008.
Lebek, B., Uffen, J., Neumann, M., Hohler, B., & H. Breitner, M. (2014). Information security awareness and behavior: a theory-based literature review. Management Research Review, 37(12), 1049-1092. https://doi.org/10.1108/MRR-04-2013-0085.
Luangrungruang, T., & Kokaew, U. (2022). E-Learning Model to Identify the Learning Styles of Hearing-Impaired Students. Sustainability, 14(20), 13280. https://doi.org/10.3390/su142013280.
Moletsane, T., & Tsibolane, P. (2020). Mobile information security awareness among students in higher education : an exploratory study. 2020 Conference on Information Communications Technology and Society (ICTAS), 1-6. https://doi.org/10.1109/ICTAS47918.2020.233978.
Mosleh, M., Pennycook, G., & Rand, D. G. (2020). Self-reported willingness to share political news articles in online surveys correlates with actual sharing on Twitter. Plos One, 15(2), e0228882. https://doi.org/10.1371/journal.pone.0228882.
Murbach, K. (2019). Self-efficacy in information security: a mixed methods study of deaf end-users. Nastasiu, C. I. (2016). Cyber security strategies in the internet era. Scientific research and education in the air force-afases, 619-624.
Ngoqo, B., & Flowerday, S. (2014). Linking student information security awareness and behavioural intent. HAISA, p. 162.
Nifakos, S., Chandramouli, K., Nikolaou, C. K., Papachristou, P., Koch, S., Panaousis, E., & Bonacina, S. (2021). Influence of human factors on cyber security within healthcare organisations: A systematic review. Sensors, 21(15), 5119.
Papp, G., & Lovaas, P. (2021). Assessing Small Institutions' Cyber Security Awareness Using Human Aspects of Information Security Questionnaire (HAIS-Q). In Intelligent Computing: Proceedings of the 2021 Computing Conference, Volume 3 (pp. 933-948). Springer International Publishing.
Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., & Zwaans, T. (2017). The human aspects of information security questionnaire (HAIS-Q): two further validation studies. Computers & Security, pp. 66, 40-51.
Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2014). Determining employee awareness using the human aspects of information security questionnaire (HAIS-Q). Computers & security, pp. 42, 165-176.
Pattinson, M. R., Butavicius, M. A., Parsons, K., McCormac, A., Calic, D., & Jerram, C. (2016). The Information Security Awareness of Bank Employees. In HAISA (pp. 189-198). Pollock, T. (2017). Reducing human error in cyber security using the Human Factors Analysis Classification System (HFACS).
Prabhu, S., & Thompson, N. (2022). A primer on insider threats in cybersecurity. Information Security Journal: A Global Perspective, 31(5), 602-611.
PurpleSec. (2022, October 17). 2022 Cyber Security Statistics: The Ultimate List Of Stats, Data & Trends. https://purplesec.us/resources/cyber-security-statistics/.
Puspitaningrum, E. A., Devani, F. T., Putri, V. Q., Hidayanto, A. N., Solikin, & Hapsari, I. C. (2018). Measurement of employee information security awareness: case study at A government institution. 2018 Third International Conference on Informatics and Computing (ICIC), 1-6. https://doi.org/10.1109/IAC.2018.8780571. Rahman, T., Rohan, R., Pal, D., & Kanthamanon, P. (2021, June). Human factors in cybersecurity: a scoping review. In The 12th International Conference on Advances in Information Technology (pp. 1-11).
Salem, Y., Moreb, M., & Rabayah, K. S. (2021). Evaluation of Information Security Awareness among Palestinian Learners. 2021 International Conference on Information Technology (ICIT), 21–26. https://doi.org/10.1109/ICIT52682.2021.9491639.
Shropshire, J., Warkentin, M., & Sharma, S. (2015). Personality, attitudes, and intentions: Predicting initial adoption of information security behavior. Computers & Security, pp. 49, 177-191. https://doi.org/10.1016/j.cose.2015.01.002
Solic, K., Jovic, F., & Blazevic, D. (2013). An approach to the assessment of potentially risky behavior of ICT systems’ users. Technical Gazette, 20(2), 335-342. U.S. Government Accountability Office. (2020, December 15). Cybersecurity: An overview of cyber challenges facing the nation, and actions needed to address them. U.S. GAO. Retrieved January 16, 2023, from https://www.gao.gov/cybersecurity.
Zulfia, A., Adawiyah, R., Hidayanto, A. N., & Budi, N. F. A. (2019, April). Measurement of employee information security awareness using the human aspects of information security questionnaire (HAIS-Q): Case study at PT. PQS. In 2019 5th International Conference on Computing Engineering and Design (ICCED) (pp. 1-5). IEEE.
Dr. Wisdom Umeugo
University of the Cumberlands, Independent Researcher, Ottawa - Canada

View all special issues >>