The Reality and Motives of Adherence to Information Security Policies in Palestinian Higher Education Institutions: A Case Study of Hebron University
Keywords:
Information security, information security policies, higher educationAbstract
Information systems security is a core factor in the development and using of computer information systems which provides security for the data and privacy for users; and humans are one of the major key players in this field. Some of human behaviors that leads to security breaches in computer information systems include Ignorance, negligence, indifference, and lack of awareness in information security. In this research, we are spotting the light on the importance of information system security policies in higher educational institutions in Palestine – Hebron University case study. The importance of this research lies in knowing the reality of information systems security policies in Palestinian universities and knowing the factors affecting adherence to information security policies such as knowledge of information security, experience, and educational level. The study concluded that the degree of knowledge about the security of information systems and their adherence by the staff of Hebron University was high. The study also concluded that there are statistically significant differences related to the staff adherence to information systems security policies according to the educational level and experience. The study has recommended the necessity of following up the implementation of information systems security policies, and updating and reviewing them in line with the requirements of the next phase and the tremendous technological development the world is witnessing.
Downloads
References
Al-Janabi, S., & AlShourbaji, I. (2016). A Study of Cyber Security Awareness in Educational Environment in the Middle East. Journal of Information & Knowledge Management, 15(1), 30.
Andress, J. (2014). The Basics of Information Security. Syngress.
Bourgeois, D., & Bourgeois, D. T. (2014). Information Systems for Business and Beyond. Creative Commons.
de Bruijn, H., & Janssen, M. (2017). Building cybersecurity awareness: The need for evidence-based framing strategies. Government Information Quarterly, 34(1), 1-7.
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS quarterly, 523-548.
Claude, B. (2008). la traduction juridique fondement et méthode. Bruxelles: De Boeck Université.
Dulany, K. M. (2002). security is not just technical. GSEC Practical Assignments - SANS Institute, 1-4.
Easttom, C. (2019). Computer Security Fundamentals. USA: Pearson.
Hare, C. (2001). Information Security policies, procedures, and standards: Establishing an essential code of conduct. Data Security Management, 82-85.
Hasan, M. S., Rahman, R. A., Farah, S., Binti, H., Abdillah, T., & Omar, N. (2015). Perception and Awareness of Young Internet Users towards Cybercrime: Evidence from Malaysia. Journal of Social Sciences, 11(4), 395 - 404.
Health informatics — Security and privacy requirements of EHR systems for use in conformity assessment. (2020). Insternational Standard Organization. https://www.iso.org/standard/61347.html.
Hornby, A. S. (1974). Oxford advanced learner’s dictionary of current English. Oxford University Press, Oxford.[OALDCE].
Jorro, Y. (2011). Information System Security Audit Readiness Case study: Ethiopian Government Organizations, Master thesis. Stockholm, Sweden, Stockholm University.
Kumar, S., Benigni, M., & Carley, K. M. (2016, September). The impact of US cyber policies on cyber-attacks trend. In 2016 IEEE Conference on Intelligence and Security Informatics (ISI) (pp. 181-186). IEEE.
Loudon, K., & Loudon, J. (2010). Management Information Systems. Managing the Digital Firm. New Jersey: Prentice-Hall inc.
Malby, S., Mace, R., Holterhof, A., Brown, C., Kascherus, S., & Ignatuschtschenko, E. (2013). Comprehensive study on cybercrime. United Nations Office on Drugs and Crime, Tech. Rep.
Maynard, S. B., Ruighaver, A. B., & Sandow-Quirk, M. J. (2002). Redefining the Information System Security Policy. In IS One World Conference. Las Vegas. USA.
Moallem, A. (2018). Cyber security awareness among college students. In International conference on applied human factors and ergonomics (pp. 79-87). Springer, Cham.
Muhire, B. (2012). Employee Compliance with Information Systems Security Policy in Retail Industry. Case: Store Level Employees.
Pescatore, J. (2019). SANS Top New Attacks and Threat Report. SANS Institute.
Reynolds, G. W. (2014). Ethics in Information Technology. Cengage Learning.
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. computers & security, 56, 70-82.
SANS. (2019). Security Awareness Report: The Rising Era of Awareness Training. https://www.sans.org/security-awareness-training/reports/2019-security-awareness-report.
Senthilkumar, K., & Easwaramoorthy, S. (2017). A Survey on Cyber Security awareness among college students in Tamil Nadu. In IOP Conference Series: Materials Science and Engineering (Vol. 263, No. 4, p. 042043). IOP Publishing.
Stair, R., & Reynolds, G. (2012). Principles of Information Systems. Boston, USA: CENAGE Learning.
UK Government. (2016). NATIONAL CYBER SECURITY STRATEGY 2016 - 2021. London: Cabinet Office and National security and intelligence.
Whitman, M. E., & Mattord, H. J. (2012). Principles of Information security. Boston, USA: CENAGE learning Inc.
Hasasneh, N. M., & Moreb, M. M. (2013). E-Learning at Hebron University--A Case Study. In 2013 Fourth International Conference on e-Learning" Best Practices in Management, Design and Development of e-Courses: Standards of Excellence and Creativity" (pp. 438-441). IEEE.
Amro, B. (2018). Cybercrime as a Matter of the Art in Palestine and its Effect on Individuals.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
