This paper attempts to investigate the impacts of main factors influencing information security behavior in improving awareness and performance of ICT departments' staff. According to the extant research, there are four groups of factors influencing information security behavior namely self-efficacy, intention to IT security practice, security practice-care behavior, and security practice-technology. The results of analyzing 220 gathered data from five Iranian universities showed that all factors have significant and positive impact on information security behavior, and the highest impact refers to security practice-care behavior.
Through reviewing the previous conducted studies, we can find enough evidence in order to support the relationship between self-efficacy and security practice with information system security behavior. The main issue which is discussed in this research is the key role of information system security awareness. According to the data analysis results on 230 collected data from 10 universities in Iran, located in Tehran, it was revealed that the relationship between mentioned factors with information system security can be mediated by information system security awareness
Due to human theft, fraud and error is declining as well as the reduction in computer properties misuse, most of the ICT departments all, should focus on human elements in their models of information system (IS) security. This issue has not been considered in previous studies efficiently. This paper, uses qualitative approach in order to improve IS security models. Usually, in most of the developed models so far, only technical factors are considered. In this regard, an interview was conducted with 6 experts in ICT departments of 6 universities in Iran. After exact review of their ideas and insights, human factors have been identified. All of the achieved results have been added to existed technical models and then the finalized model has been designed, which was verified by experts too later. The identified human factors include staffing, training, reward and compensation system and also performance appraisal.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.