Old Monarchy in the New Cyberspace: Empirical Examination of Information Security Awareness among Austrian and Hungarian Enterprises

Abstract

Information security awareness is part of organizational culture, a way of thinking and behavior which ensures that the employees of the organizations are committed to acknowledging the legitimacy of security measures, they abide by them and they also make them known to others and enforce their application. After collecting empirical data from 280 Austrian and 470 Hungarian employees of different companies we concluded that the level of information security awareness of managers and employees in the Austrian and Hungarian business sector depends on company size. The level of this type of awareness can be regarded as good in the case of corporations both in Austria and Hungary. A good level of information security awareness was observed among the Austrian medium-sized enterprises. However, in a fifth of their Hungarian counterparts, the employees need further trainings in this area. Security problems can be traced back to poor organization at a fifth of the Austrian small-sized enterprises, a third of the Austrian microenterprises, and three-quarters of the Hungarian microenterprises. In 20% of the Austrian and Hungarian enterprises, employees have distressing gaps in their knowledge in this area, furthermore, it can also be concluded that employees with higher digital literacy have a higher level of information security awareness in Austria compared to the Hungarian business sector.