In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
» Openaccess proceedings » Thirteenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019)
 | Thirteenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019) |
Title: Cybersecurity Awareness and Culture in Rural Norway
Author(s): Håkon Gunleifsen, Vasileios Gkioulos, Gaute Wangen, Andrii Shalaginov, Mazaher Kianpour, Mohamed Abomhara
Reference: pp110-121
Keywords: Security, Awareness, IT-knowledge, Cybersecurity, Training
Abstract: Understanding the level of security awareness, perception, and culture of users in aspects related to security is crucial for the development of suitable and effective protection measures for both Internet users and the utilised infrastructure. This understanding becomes imperative in countries with increased integration of Information and Communication Technologies (ICT), such as Norway. In this paper, we present a summary of results from an extended study of the security awareness and cybersecurity culture of Norwegian users of ICT. Specifically, the study targets Internet subscription owners in rural Norway and identifies how their security awareness can be improved. The study was conducted using an online questionnaire which got 945 respondents. This study differs from previous measurements because it targets an older segment of the population (average age 56 years) which primarily resides in rural Norway. The paper presents results for the sample within the areas of general stance toward IT, knowledge, risk evaluations, and trust in authorities. Furthermore, we analyse the training preferences and compare their self-evaluated skills in knowledge and risk-evaluations with their actions and behaviour online. The results show that the level of security awareness is highly subjective and that training programs and security awareness campaigns are both needed and requested by end-users. We have concluded that a customised need for cybersecurity training among targeted groups of end-users.
Download count: 814
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.