Empirical Study on the Correlation between User Awareness and Information Security
Keywords:information security, information system, security awareness, user behaviour
AbstractThere are many existing high quality technical security solutions, but ongoing cyberwar is still not suppressed, which implies that there is a need for new concepts in information security. It is possible that the problem persists because the existing technical solutions have not included human factors. Those solutions are mostly focused on the attacker but should also be focused on the user as the integral part of the safeguarded system. It is possible that the user presents the weakest element in the security chain as the internal treats are among the most frequent information security issues. In this paper the authors analyse empirical data collected by simulation of e mail user behaviour caused by their level of security awareness. Results of this study confirm hypotheses that users can significantly influence the overall information system security level as well as private and business data used in e mail communication. The aim of this paper is to stress the problem of human influence on the information system security among technicians involved in developing technical security solutions, such as software engineers developing new algorithms for spam filters.