Purpose
This paper aims to investigate cyber security awareness of the staff of Estonian libraries and gives an overview why libraries could be a target of cyber attacks and why librarians need cyber security at first place.
Design/methodology/approach
The data used in this paper is based on a review of relevant literature to provide an overview of the concept of cyber security, and the results of the original online survey created by the paper’s author, conducted among Estonian librarians. The online questionnaire was developed using the world-recognised human aspects of information security questionnaire (HAIS-Q), which is based on the knowledge-attitudes-behaviour (KAB) methodology. A total of 388 completed questionnaires were returned from employees of academic, specialised, public and school libraries. The results are interpreted on the basis of descriptive statistics and Kruger and Kearney approach.
Findings
The final score of library employees is 86, which is classified as good, but based on the result, two focus areas need more attention than previously, which are the use of devices and prevention and handling of incidents.
Originality/value
The cyber behaviour of library employees has not been widely studied in the world using HAIS-Q and KAB models, and to the best of the authors’ knowledge, no research has been previously carried out in the Estonian library context into cyber security awareness.