Information security awareness among system administrators and end-user perspectives

Abstract

Information security breaches is a current serious issue that has been faced by many organizations. Many ways have been discovered to reduce the number of security breaches such as technical and non-technical methods. Yet the issue still occurs because of the humans unconcerned behaviors. The results of this dissertation have increased the understanding the fact that human factor is the main cause in the information security vulnerabilities in an organization. The objective of this dissertation is to project the information of the security practices and the awareness level among the system administrator and end user at the same time to proof that the human error is the major factor for the security breaches. The research demonstrated the type of breaches, rate and education that can be given to the employee on how to reduce the security breaches during their daily task performance. Questionnaires for the end users, discussion sessions with the system administrators and data collections from archival records have supported the dissertation. Based on the analysis, the end users created threats due to many factors such as user skills or capabilities and users’ attitude towards the technological tools or introduction to new process in the organization. Data were analyzed using Statistical Package for the Social Science (SPSS) quantitative data analysis. The findings from surveys collection and interviews sessions showed that the end users need more education on self-awareness against security attacks around them while the system administrator should always be ready to support the security awareness level and help to educate the awareness among the employee in the organization.