Information Security Awareness from Generation Y Perspective Based on a Qualitative Approach
Copyright (c) 2022 Bak Gerda, Kelemen-Erdős Anikó
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Abstract
Digital technology is embedded in our lives, and the pandemic will further increase and strengthen our connection to electronic devices. At the same time, the number of cyberattacks has increased significantly, despite the fact that a significant part of them could be prevented. This study aims to explore and deepen the understanding of the factors influencing the attitudes and awareness of Generation Y youth towards information security, based on qualitative empirical research in form of in-depth interviews. The interviews were analysed using a triangulation approach with two perspectives: content analysis and grounded theory methodology. The interviews demonstrate that the interviewees consider their online and digital security as a significant factor on a theoretical level, however, the practice reveals the lack of appropriate protection methods and the vulnerability of the respondents. This foundational research can form the basis for further quantitative approaches.
Keywords:
How to Cite
References
Ahlan, Abdul Rahman – Muharman Lubis – Arif Ridho Lubis: Information Security Awareness at the Knowledge-Based Institution: Its Antecedents and Measures. Procedia Computer Science, 72. (2015). 361–373. Online: https://doi.org/10.1016/j.procs.2015.12.151
Aiken, Lewis R. – Gary Groth-Marnat: Psychological Testing and Assessment. Boston, Allyn and Bacon, 2006.
Alavi, Reza – Shareeful Islam – Haralambos Mouratidis: An Information Security Risk-Driven Investment Model for Analysing Human Factors. Information & Computer Security, 24. (2016), 2. 205–227. Online: https://doi.org/10.1108/ICS-01-2016-0006
Albladi, Samar Muslah – George R. S. Weir: User Characteristics that Influence Judgment of Social Engineering Attacks in Social Networks. Human-centric Computing and Information Sciences, 8. (2018). 1. Online: https://doi.org/10.1186/s13673-018-0128-7
Bak Gerda – Kiss Sándor: A biztonságtudatosság szisztematikus szakirodalmi áttekintése. Hadmérnök, 16. (2021), 4. 85–99. Online: https://doi.org/10.32567/hm.2021.4.7
Beldad, Ardion D.: Sharing to be Sociable, Posting to be Popular: Factors Influencing Non-Static Personal Information Disclosure on Facebook among Young Dutch Users. International Journal of Web Based Communities, 11. (2015), 3–4. 357–374. Online: https://doi.org/10.1504/IJWBC.2015.072132
Buchanan, Tom – Monica T. Whitty: The Online Dating Romance Scam: Causes and Consequences of Victimhood. Psychology, Crime & Law, 20. (2013), 3. 261–
Online: https://doi.org/10.1080/1068316X.2013.772180
Bulgurcu, Burcu – Hasan Cavusoglu – Izak Benbasat: Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness. MIS Quarterly, 34. (2010), 3. 523–548. Online: https://doi.org/10.2307/25750690
Donalds, Charlette – Kweku-Muata Osei-Bryson: Cybersecurity Compliance Behavior: Exploring the Influences of Individual Decision Style and Other Antecedents. International Journal of Information Management, 51. (2020). 102056. Online: https://doi.org/10.1016/j.ijinfomgt.2019.102056
Ehmann Bea – Balázs László: A Sarkvidéktől a világűrig: A pszichológiai tartalomelemzés alkalmazása izolált kiscsoportok vizsgálatára. Magyar Pszichológiai Szemle, 70. (2015), 4. 723–742. Online: https://doi.org/10.1556/0016.2015.70.4.2
Furnell, Steven – Kieran Millet – Maria Papadaki: Fifteen Years of Phishing: Can Technology Save Us? Computer Fraud & Security, (2019), 7. 11–16. Online: https://doi.org/10.1016/S1361-3723(19)30074-0
Grant, Kevin – David Edgar – Arun Sukumar – Martin Meyer: ‘Risky Business’: Perceptions of E-Business Risk by UK Small and Medium Sized Enterprises (SMEs). International Journal of Information Management, 34. (2014), 2. 99–122. Online: https://doi.org/10.1016/j.ijinfomgt.2013.11.001
Hanus, Bartlomiej – Yu “Andy”Wu: Impact of Users’ Security Awareness on Desktop Security Behavior: A Protection Motivation Theory Perspective. Information Systems Management, 33. (2015), 1. 2–16. Online: https://doi.org/10.1080/10580530.2015.1117842
Hauser, Deanna: Social Engineering Awareness in Business and Academia. In MWAIS 2016 Proceedings. Wisconsin, 2016. 3–6.
Horváth Dóra – Ariel Mitev: Alternatív kvalitatív kutatási kézikönyv. Budapest, Alinea Kiadó, 2015.
Hutchinson, Gershon – Jacques Ophoff: A Descriptive Review and Classification of Organizational Information Security Awareness Research. In H. Venter – M. Loock – M. Coetzee – M. Eloff – J. Eloff (szerk.): Information and Cyber Security. Cham, Springer, 2020. 114–130. Online: https://doi.org/10.1007/978-3-030-43276-8_9
Jaeger, Lennart – Andreas Eckhardt: Eyes Wide Open: The Role of Situational Information Security Awareness for Security–Related Behaviour. Information Systems Journal, 31. (2021), 3. 429–472. Online: https://doi.org/10.1111/isj.12317
Jéri Tamás: Az elektronikus levelezés és a kiberbiztonság összefüggései. Hadmérnök, 16. (2021), 2. 169–185. Online: https://doi.org/10.32567/hm.2021.2.12
Kallio, Hanna – Anna-Maija Pietilä – Martin Johnson – Mari Kangasniemi: Systematic Methodological Review: Developing a Framework for a Qualitative Semi- Structured Interview Guide. Journal of Advanced Nursing, 72. (2016), 12. 2954–2965. Online: https://doi.org/10.1111/jan.13031
Keith, Mark J. – Samuel C. Thompson – Joanne Hale – Paul Benjamin Lowry – Chapman Greer: Information Disclosure on Mobile Devices: Re-Examining Privacy Calculus with Actual User Behavior. International Journal of Human-Computer Studies, 71. (2013), 12. 1163–1173. Online: https://doi.org/10.1016/j.ijhcs.2013.08.016
Kelemen-Erdős, Anikó – Adél Molnár: Cooperation or Conflict? The Nature of the Collaboration of Marketing and Sales Organizational Units. Economics and Culture, 16. (2019), 1. 58–69. Online: https://doi.org/10.2478/jec-2019-0007
Kelemenné Erdős Anikó: A közforgalmú közlekedési szolgáltatás és piac vizsgálata marketing és fenntarthatósági nézőpontból. Budapest, Budapesti Műszaki és Gazdaságtudományi Egyetem, 2014.
Khan, Freeha – Jung Hwan Kim – Lars Mathiassen – Robin Moore: Data Breach Management: An Integrated Risk Model. Information & Management, 58. (2021), 1. 103392. Online: https://doi.org/10.1016/j.im.2020.103392
Krippendorff, Klaus: Content Analysis – An Introduction to Its Methodology. Thousand Oaks, SAGE, 2018. Online: https://doi.org/10.4135/9781071878781
Lazar, Arokia Jesu Prabhu – Sudhakar Sengan – Luigi Pio Leonardo Cavaliere – Thillaiarasu Nadesan – Deepesh Sharma – Mukesh Kumar Gupta – Thangam Palaniswamy – Mahendiran Vellingiri – Dilip Kumar Sharma – Thirukumaran Subramani: Analysing the User Actions and Location for Identifying Online Scam in Internet Banking on Cloud. Wireless Personal Communications, (2021). Online: https://doi.org/10.1007/s11277-021-08585-y
Oroszi Eszter Diána: Social engineering technikák. In Deák Veronika (szerk.): Célzott kibertámadások. Éves továbbképzés az elektronikus információs rendszer biztonságával összefüggő feladatok ellátásában részt vevő személy számára 2018. Budapest, Nemzeti Közszolgálati Egyetem, 2018. 77–118. Online: https://bit.ly/3D5AqlD
Ortiz, Jaime – Shu-Hao Chang – Wen-Hai Chih – Chia-Hao Wang: The Contradiction between Self-Protection and Self-Presentation on Knowledge Sharing Behavior. Computers in Human Behavior, 76. (2017). 406–416. Online: https://doi.org/10.1016/j.chb.2017.07.031
Parsons, Kathryn – Agata McCormac – Marcus Butavicius – Malcolm Pattinson – Cate Jerram: Determining Employee Awareness Using the Human Aspects of Information Security Questionnaire (HAIS-Q). Computers & Security, 42. (2014). 165–176. Online: https://doi.org/10.1016/j.cose.2013.12.003
Saáry, Réka – Ágnes Csiszárik-Kocsir – János Varga: Examination of the Consumers’ Expectations Regarding Company’s Contribution to Ontological Security. Sustainability, 13. (2021), 17. 9987. Online: https://doi.org/10.3390/su13179987
Stirnimann, Sonja: Der Mensch als Risikofaktor bei Wirtschaftskriminalität: Handlungsfähig bei Non-Compliance und Cyberkriminalität. Wiesbaden, Springer, 2018. Online: https://doi.org/10.1007/978-3-658-20813-4
Szappanos Gábor: Kártékony kódok használata a célzott támadások végrehajtásában. In Deák Veronika (szerk.): Célzott kibertámadások. Éves továbbképzés az elektronikus információs rendszer biztonságával összefüggő feladatok ellátásában részt vevő személy számára 2018. Budapest, Nemzeti Közszolgálati Egyetem, 2018. 119–159. Online: https://bit.ly/3z4dl1J
Szokolszky Ágnes: A pszichológiai kutatás módszertana. Budapest, Osiris Kiadó, 2020.
Tari Annamária: Y generáció. Klinikai pszichológiai jelenségek és társadalomlélektani összefüggések az információs korban. Budapest, Jaffa Kiadó, 2010.
Vahdati, Soudabeh – Niloofar Yasini: Factors Affecting Internet Frauds in Private Sector: A Case Study in Cyberspace Surveillance and Scam Monitoring Agency of Iran. Computers in Human Behavior, 51. (2015). 180–187. Online: https://doi.org/10.1016/j.chb.2015.04.058
Zhongping, Zeng – Yang Kaifeng – Zhang Yi – Zhou Peipei: Increasing Employees’ Awareness and Enhancing Motivation in E-Government Security Behavior Management. In 2013 Fourth International Conference on Digital Manufacturing & Automation. IEEE, 2013. 684–687. Online: https://doi.org/10.1109/ICDMA.2013.162
Zimmermann, Verena – Karen Renaud: Moving from a ‘Human-as-Problem” to a ‘Human-as-Solution” Cybersecurity Mindset. International Journal of Human-Computer Studies, 131. (2019). 169–187. Online: https://doi.org/10.1016/j.ijhcs.2019.05.005