Raising Information Security Awareness in the Field of Urban and Regional Planning

IT is being increasingly used in most areas of life. With the IoT, this technology is set to be in a state of continuous evolution in urban and regional settings. The ongoing development of digitalization processes also increases the possibilities of abuse—both at the technical and interpersonal level. Better information security (IS) awareness (ISA) and knowledge about the dangers that accompany digitalization and the corresponding protective measures are important in private and work life. However, ISA is often overlooked. Training the relevant awareness and skills should also be included in urban and regional planning for citizens. This article thus provides a review of the scientific literature of leading academic journals in the area of IS and the transfer of scientific knowledge for practical purposes. The article presents Serious Games as a way to achieve a deeper understanding of how to promote sustainable ISA using creative methods. Furthermore, ideas of how to apply the Fun Theory and its practice to integrate awareness into modern urban and regional planning will be discussed.

AWARENESS OF ICT SECURITY POLICY TO ENSURE DATA PROTECTION IN FORESTRY DEPARTMENT PENINSULAR MALAYSIA

The Forestry Department Peninsular Malaysia's (FDPM) ICT Security Policy was developed and implemented in 2012 and reviewed in 2015. This policy aims to take the lead in managing data, hardware, software, network, and ICT security under legal regulations. Amongst the department's responsibilities are to implement data confidentiality, integrity, and availability policies to ensure the continuity of activities and services while mitigating the impact of security incidents. Accidentally, on September 16, 2016, a fire broke out in the FDPM building, causing property damage and document destruction with an estimated loss of RM30 million. Currently, in Malaysia, cybercrime and government data intrusion has become increasingly difficult to combat. Raising public awareness, particularly among officers who serve as service providers and department employees, is therefore critical to address those issues. Therefore, the objectives of this research are to determine the level of awareness of FDPM employees regarding FDPM ICT Security Policy as well as to investigate the factors that influence information security awareness. Inputs from this study were derived from both primary and secondary sources to meet the objectives. Primary data was gathered through surveys where 130 questionnaires were distributed to FDPM headquarters employees at the management, professional, and support team levels. Meanwhile, secondary data was gathered from FDPM annual and management reports, statistical data, journals, reference documents, and the Internet. The findings were analyzed statistically using SPSS. The level of awareness has been determined and an appropriate criterion to improve the level of information security awareness among FDPM employees was recommended which may help for a better understanding of department culture and increase a higher level of security awareness among FDPM employees.

Assessing the Effects of Gamification on Enhancing Information Security Awareness Knowledge

Information security awareness (ISA) has become a vital issue, as security breaches often attributed to humans lead to losses for individuals and organizations. Information security (IS) education may be an effective strategy to improve students’ ISA; however, studies associated with the relationships between teaching effects and information security learning are few. This study adopted gamification practice and examined its effect on students’ ISA knowledge enhancement, attitude and intention of security compliance, and willingness for continuous IS education. This study also examined the gender difference in a gamified learning system. One hundred ten undergraduates participated in a quasi-experimental study. The results indicated that students within a gamified class performed better than students within a lecture-based instructional group. We found significant gamification effects on the three security focus areas of password management, Internet use, and information handling. Gamification did not significantly impact the attitude and intention of participants’ security compliance and students’ willingness for continuous IS learning. Gender difference in the effect of gamification on ISA knowledge enhancement was not observed as well. The research provides theoretical and practical contributions by incorporating gamification into IS learning and suggests gamification as an effective means to enhance students’ knowledge acquisition in an engaging, timely, economical, and repeated manner.

A Solution Paper on Cyber Security Awareness Campaign Lacking in Rural and Urban Area of India

The present paper focuses on Cyber Security Awareness Campaign’s lacking in many rural and urban area of India and Changing behavior requires more information security awareness programs and we extract essential components from Social media and with appropriate procedural and technological work. We can use it for an awareness campaign. Large amount of raw data that has been viewed by users in the form of text, videos, photos and audio. The outcome showed that the delivery methods improves the awareness on the general population.

Predicting information security culture among employees of telecommunication companies in an emerging market

Purpose The purpose of this study is to examine factors, which influence information security culture among employees of telecommunications companies. The motivation for this study was the rise in the number of data breach incidents caused by the organizations’ own employees. Design/methodology/approach A total of 139 usable responses were collected via a Web-based questionnaire survey from employees of Malaysian telecommunications companies. Data were analysed by using SmartPLS 3. Findings Security education, training and awareness (SETA) programmes and information security awareness were found to have a positive and significant impact on Information Security Culture. Additionally, self-reported employees’ security behaviour was found to act as a partial mediator on the relationship between information security awareness and information security culture. Research limitations/implications The study was cross-sectional in nature. Therefore, it could not measure changes in population over time. Practical implications The empirical data provides a new perspective on significant elements that influence information security culture in an emerging market. Organizations in the telecommunications industry can now recognize that SETA programmes and information security awareness have a significant impact on information security culture. Employees’ security behaviour also mediates the relationship between information security awareness and information security culture. Originality/value This is the first study to analyse the mediating effect of employees’ security behaviour on the relationship between information security awareness and information security culture in the Malaysian telecommunications context.

EFFECTIVE METHODS FOR SUCCESSFUL INFORMATION SECURITY AWARENESS

Information security awareness is becoming increasingly important these days. It is not enough to have a well-developed physical and logical protection of the system and stored data; the users of these systems have to keep up with technological development and have to be sufficiently aware or cautious when using these systems. Information Security Awareness Programs provide the most effective solution for the improvement of users’ information security knowledge and digital competencies. The aim of this study is to help organisations in finding and providing an effective way of knowledge transfer. The study identifies the key elements of the implementation of the awareness programs and highlights the importance of communication channels and methods. The essay summarises and shows the most effective techniques that experts can use in order to draw the user’s attention toward information security, like real-life simulation scenarios, interactive games, themed awareness videos and other gamification techniques.