In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016)
Title: The Information Security Awareness of Bank Employees
Author(s): Malcolm Pattinson, Marcus Butavicius, Kathryn Parsons, Agata McCormac, Dragana Calic, Cate Jerram
Keywords: Information Security Awareness (ISA), Information Security (InfoSec), Social Desirability Bias, Fear of Reprisal
Abstract: This paper presents research that assessed the Information Security Awareness (ISA) of employees of an Australian bank and compared these results with an identical survey of the Australian general workforce. The objective of this study was to establish a form of construct validity, specifically known-groups validity, of the Human Aspects of Information Security Questionnaire (HAIS-Q). For the purposes of this study, ISA is a measure of an employee’s knowledge of, and attitude towards, their organisation’s Information Security (InfoSec) policies and procedures. This study used a web-based survey research method by utilising modules of the HAIS-Q. Individual knowledge and attitude were assessed for 198 bank employees and 500 general workforce participants. Seven InfoSec focus areas were evaluated: password management, email management, internet use, social media use, mobile computing, information handling and incident reporting. It was found that the levels of ISA for bank employees were approximately 20% better than those for the general workforce, in all InfoSec focus areas. Factors that may have contributed to this conclusive result are discussed and include social desirability bias; fear of reprisal; InfoSec education and in-house training.
Download count: 1796
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.