Empirical Study to Analyse Information Security Awareness of NUST Students

Abstract

Every aspect of information security cannot be addressed efficiently by taking only technical measures into consideration. With the increasing rate of insider threat, information security awareness plays a crucial role in fulfilling security requirements of an organization. The main aim of the study is to examine the relationship between individual, environmental, cultural factors and information security awareness (ISA). This quantitative study has used the primary data collected from twin cities of Pakistan including Rawalpindi and Islamabad by targeting the university students having sample size of (N=501) students. Personality traits have been found as an important factor in user behavior towards security. This study incorporates the personality traits as individual factor, peer pressure and secondary source influence as environmental factor, rule following as a cultural factor of an organization in theoretical framework to investigate their impact on students’ ISA. Openness and environmental factors have shown positive impact on ISA. Cultural factor shown strong but negative impact on ISA due to openness personality of the target audience. On the basis of the statistical analysis, we incorporated the new components in the NIST awareness program framework to fill the gap of improving user behavior towards information security. This framework would fulfill the demands of tailored awareness program which could not only improve knowledge but behavior as well by catering the environmental, cultural and individual aspects.