Information Security Adherence in Institutions of Higher Education.

ABSTRACT

Institution of higher education face a higher level of information security incidence and compromise such as data and information theft, malicious program infection, attack on the information systems infrastructure and computer network.

The antagonistic impact of information security incidence includes compromise of confidential data and intellectual property, massive financial losses and increased level of information security vulnerability and threat.

This study aims to determine the predictors of students’ adherence to safe information security behaviour in institution of higher education.

In this study, we integrate variables from the Protection motivation theory (PMT) and the Unified theory of acceptance and use of technology (UTAUT) theory in other to understand the willingness of student to practice safe information security behavior.

This study utilized the quantitative research method for data gathering and analysis. A total of 276 responses where gotten from the respondents. The result showed that the threat appraisal, performance expectancy, effort Expectancy have significant impact on the intention to adhere to a safe information security behavior.

While facilitating condition have significant impact on actual protection and also the intention have a significant impact on actual information security behavior.

From the research findings, we identified threat appraisal, performance expectancy, effort expectancy, facilitating condition as the different predictors of student adherence to safe information systems security behavior.

The research findings suggest that safe information security behavior is influenced by information security education and awareness. Furthermore adequate support also influence safe information security behavior.

TABLE OF CONTENTS

ACKNOWLEDGEMENT … iv
Abstract ……. v
List of Table ..
List of Figure ..

CHAPTER ONE  INTRODUCTION

1.0 BACKGROUND TO THE STUDY …….. 1
1.1 STATEMENT OF PROBLEM ………… 4
1.2 OBJECTIVE OF STUDY …….. 5
1.3 RESEARCH QUESTION ………. 5
1.4 SCOPE OF STUDY …. 6
1.5 PLAN OF THE STUDY…… 6

CHAPTER TWO LITERATURE REVIEW

2.0 INTRODUCTION……….. 8
2.1 INFORMATION SYSTEMS IN INSTITUTIONS ….. 8
2.2 INFORMATION SECURITY IN INSTITUTIONS ……….. 12
2.3 CHARACTERISTICS OF INFORMATION SECURITY……. 14
2.4 INFORMATION SECURITY THREATS AND ATTACKS IN INSTITUTIONS OF HIGHER EDUCATION. 15
2.4.1 KEYBOARD CAPTURING …… 15
2.4.2 MALWARE… 16
2.4.3 DENIAL OF SERVICE ATTACK … 16
2.4.4 SNIFFER ……… 17
2.4.5 FILE SHARING THREATS … 18
2.4.6 EXCESS AND ABUNDANCE OF INTERNET RESOURCE… 18
2.4.7 INSTANT MESSAGE TECHNOLOGIES……… 19
2.5 THEORETICAL BACKGROUND . 19
2.5.1 THE PROTECTION MOTIVATION THEORY (PMT) ..21
2.5.2 THE UNIFIED THEORY OF ACCEPTANCE AND USE OF TECHNOLOGY (UTAUT) 24
2.6 RESEARCH HYPOTHESIS …… 26
2.6.1 THREAT APPRAISAL …….. 27
2.6.2 PERFORMANCE EXPECTANCY .. 28
2.6.3 EFFORT EXPECTANCY ….. 28
2.6.4 FACILITATING CONDITION … 29
2.6.5 INTENTION ………. 29
2.7 CHAPTER SUMMARY ………. 30

CHAPTER THREE RESEARCH METHODOLOGY

3.0 INTRODUCTION………….. 31
3.1 RESEARCH DESIGN … 31
3.2 POPULATION OF THE STUDY …… 32
3.3 POPULATION AND SAMPLING ….. 32
3.4 METHOD OF DATA COLLECTION ….. 33
3.5 RESEARCH INSTRUMENT ………. 34
3.6 RESEARCH INSTRUMENT VALIDITY AND RELIABILITY.. 34
3.7 ADMINISTRATION OF RESEARCH INSTRUMENT … 35
3.8 ETHICAL CONSIDERATIONS ……… 35
3.9 METHOD OF DATA ANALYSIS … 35

CHAPTER FOUR  DATA ANALYSIS AND FINDING

4.0 INTRODUCTION……… 37
4.1 DEMOGRAPHIC CHARACTERISTICS OF RESPONDENTS ……. 37
4.2 DATA ANALYSIS …… 38
4.3 COMMON METHOD VARIANCE ANALYSIS …… 39
4.4 EXPLORATORY FACTOR ANALYSIS TESTING ……. 39
4.4.1 RELIABILITY AND VALIDITY ……… 40
4.5 CONFIRMATORY FACTOR ANALYSIS ………. 40
4.5.1 THE RELIABILITY AND CONSTRUCT VALIDITY MEASUREMENT .. 40
4.5.2 MODEL FIT …………….. 42
4.6 HYPOTHESIS TESTING …… 43

CHAPTER FIVE DISCUSSION AND CONCLUSION

5.0 DISCUSSION ……… 45
5.1 THREAT APPRAISAL ….. 46
5.1.1 PERFORMANCE EXPECTANCY …… 46
5.1.2 EFFORT EXPECTANCY …… 47
5.1.3 FACILITATING CONDITION … 47
5.2 IMPLICATION …………… 48
5.3 LIMITATION …….. 49
5.4 SUGGESTION FOR STUDY …… 49
5.5 CONCLUSION ………….. 50
REFERENCE ……….. 51
APPENDICES ……. 61

INTRODUCTION

1.1 Background to the Study

Information is an essential resource and asset; the possession of relevant, correct and detailed information has increased institutional and organizational effectiveness and efficiency. Modern technologies and innovations, have transformed how data are collected, processed and disseminated.

However the availability and ease of access to modern information technologies and innovation have led to unauthorized and improper collection, sharing, modification, exchange and dissemination of information and data (Varney, 1996); due to this, information protection and security has become a critical issue.

The need for the protection of information and its assets have become paramount in institutions and organization (Marks, 2007).

However, institutions and organization must ensure that proper information security practice become a common practice in their regular and daily processes and activities.

Information security is the adequate protection of information and its essential assets against unauthorized access, modification and misuse by individuals, group of people and organization (Whitman & Mattord, 2011).

The main objective of information security in institutions includes the prevention, avoidance, detection, and recovery of information and its essential asset (Awad & Battah, 2011).

Information security is not limited to the protection of information and data alone, it also ensures the protection of the entire information infrastructure and assets (Okibo & Ochiche, 2014).

REFERENCES

Ahmad, A. (2012). Type of Security Threats and It’s Prevention. International Journal of Computer Technology & Applications, 3(2), 750–752.

Ajzen, I. (1991a). The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50(2), 179–211. https://doi.org/http://dx.doi.org/10.1016/0749- 5978(91)90020-T

Ajzen, I. (1991b). The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50(2), 179–211. https://doi.org/10.1016/0749-5978(91)90020-T

Al-awadi, M., & Renaud, K. (2007). Success factors in information security: implementation in organizations. ADIS International Conference E-Society, 169–176.

Aloul, F., Al-ali, A. R., Al-dalky, R., & Al-mardini, M. (2012). Smart Grid Security : Threats , Vulnerabilities and Solutions. Smart Grid and Clean Energy Smart, (971), 1–6. Retrieved from http://www.aloul.net/Papers/faloul_ijsgce12.pdf

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *