An Empirical Study of SETA Program Sustaining Educational Sector’s Information Security vs. Information Systems Misuse-Reference-Cited by-同舟云学术

An Empirical Study of SETA Program Sustaining Educational Sector’s Information Security vs. Information Systems Misuse

Published:2023-08-22 Issue:17 Volume:15 Page:12669
ISSN:2071-1050
Container-title:Sustainability
language:en
Short-container-title:Sustainability

Author:

Zheng Binglong¹,Tse Daniel¹^ORCID,Ma Jiajing¹,Lang Xuanyi¹,Lu Yinli¹^ORCID

Affiliation:

1. College of Business, City University of Hong Kong, Kowloon, Hong Kong, China

Abstract

Information systems misuse and data breaches are among the most common information security threats at the organisational and individual levels. Security, Education, Training and Awareness (SETA) program can be effective tools in addressing and preventing such risks for sustaining the educational sector’s information security, although it is costly to implement and achieves limited results. Several studies have shown that SETA implementation can improve corporate employees’ information security protection behaviours. This study adopts the method of quantitative research, deterrence theory with selected perceived cost and information security awareness (ISA) as intermediate variables and explores how SETA programs affect information system abuse on campuses. The results show that implementing the SETA program positively impacts perceived cost and ISA; perceived cost and information security positively impact reducing misuse behaviour of information systems. At last, we provide rationalisation suggestions for individual students and schools to help SETA programs to be better implemented.

Publisher

MDPI AG

Subject

Management, Monitoring, Policy and Law,Renewable Energy, Sustainability and the Environment,Geography, Planning and Development,Building and Construction

Link

https://www.mdpi.com/2071-1050/15/17/12669/pdf

Reference32 articles.

1. Wang, G., Tse, D., Cui, Y., and Jiang, H. (2022). An Exploratory Study on Sustaining Cyber Security Protection through SETA Implementation. Sustainability, 14.

2. User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach;Hovav;Inf. Syst. Res.,2009

3. Stephanou, T., and Dagada, R. (2008). The Impact of Information Security Awareness Training on Information Security Behaviour: The Case for Further Research, ISSA.

4. Burns, A.J., Roberts, T.L., Posey, C., Bennett, R.J., and Courtney, J.F. (2015, January 5–8). Assessing the Role of Security Education, Training, and Awareness on Insiders’ Security-Related Behavior: An Expectancy Theory Approach. Proceedings of the 2015 48th Hawaii International Conference on System Sciences, Kauai, HI, USA.

5. McIlwraith, A. (2021). Information Security and Employee Behaviour: How to Reduce Risk through Employee Education, Training and Awareness, Routledge.