Emerging Trends in ICT Security: Chapter 6. A Conceptual Framework for Information Security Awareness, Assessment, and Training (Emerging Trends in Computer Science and Applied Computing)

Information security has become a key issue. Human resources, including all people working with information technology, play a significant role in information security issues. The key factor for human resources in relation to information security is awareness about threats, challenges, and risks lurking in the information exchange environment. Improving staff awareness of information security should be one of the significant, permanent goals in an organization’s information security policies. This chapter investigates information security awareness in terms of knowledge, attitude, and behavior. Research was carried out using a survey method. To evaluate the information security awareness of staff, we developed nine components. Seven independent variables—gender, education level, IT awareness, working experience, occupation, field, and job category—were also selected for developing the conceptual model. Results showed that, among the investigated variables, gender, IT awareness, occupation field, and job category had significant correlations to information security awareness.