Informational inequality: the role of resources and attributes in information security awareness

IF 1.6 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Gregory Lyon
{"title":"Informational inequality: the role of resources and attributes in information security awareness","authors":"Gregory Lyon","doi":"10.1108/ics-04-2023-0063","DOIUrl":null,"url":null,"abstract":"Purpose The rapid expansion of internet usage and device connectivity has underscored the importance of understanding the public’s cyber behavior and knowledge. Despite this, there is little research that examines the public’s objective knowledge of secure information security practices. The purpose of this study is to examine how objective cyber awareness is distributed throughout society. Design/methodology/approach This study draws on a large national survey of adults to examine the relationship between individual factors – such as demographic attributes and socioeconomic resources – and information security awareness. The study estimates several statistical models using weighted logistic regression to model objective information security awareness. Findings The results indicate that socioeconomic resources such as income and education have a significant effect on individuals’ information security awareness with richer and more highly educated individuals exhibiting greater awareness of important security practices and tools. Additionally, age and gender represent consistent and clear informational gaps in society as older individuals and females are significantly less knowledgeable about an array of information security practices than younger individuals and males, respectively. Social implications The findings have important implications for our understanding of information security behavior and user vulnerability in an increasingly digital and connected society. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks. While digital technology will continue to permeate many aspects of daily life – from financial transactions to health services to social interactions – the findings here indicate that some users may be far more exposed and vulnerable to attack than others. Originality/value This study contributes to our understanding of general user information security awareness using a large survey and statistical models to generalize about the public’s information security awareness across multiple domains and stimulates future research on public knowledge of information security. The findings indicate that some users may be far more exposed and vulnerable to attack than others. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks.","PeriodicalId":45298,"journal":{"name":"Information and Computer Security","volume":" 19","pages":"0"},"PeriodicalIF":1.6000,"publicationDate":"2023-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information and Computer Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/ics-04-2023-0063","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Purpose The rapid expansion of internet usage and device connectivity has underscored the importance of understanding the public’s cyber behavior and knowledge. Despite this, there is little research that examines the public’s objective knowledge of secure information security practices. The purpose of this study is to examine how objective cyber awareness is distributed throughout society. Design/methodology/approach This study draws on a large national survey of adults to examine the relationship between individual factors – such as demographic attributes and socioeconomic resources – and information security awareness. The study estimates several statistical models using weighted logistic regression to model objective information security awareness. Findings The results indicate that socioeconomic resources such as income and education have a significant effect on individuals’ information security awareness with richer and more highly educated individuals exhibiting greater awareness of important security practices and tools. Additionally, age and gender represent consistent and clear informational gaps in society as older individuals and females are significantly less knowledgeable about an array of information security practices than younger individuals and males, respectively. Social implications The findings have important implications for our understanding of information security behavior and user vulnerability in an increasingly digital and connected society. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks. While digital technology will continue to permeate many aspects of daily life – from financial transactions to health services to social interactions – the findings here indicate that some users may be far more exposed and vulnerable to attack than others. Originality/value This study contributes to our understanding of general user information security awareness using a large survey and statistical models to generalize about the public’s information security awareness across multiple domains and stimulates future research on public knowledge of information security. The findings indicate that some users may be far more exposed and vulnerable to attack than others. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks.
信息不平等:资源和属性在信息安全意识中的作用
互联网使用和设备连接的快速扩展强调了了解公众网络行为和知识的重要性。尽管如此,很少有研究调查公众对安全信息安全实践的客观认识。本研究的目的是研究客观网络意识如何在整个社会中分布。设计/方法/方法本研究通过对全国成年人进行大规模调查,以检验个人因素(如人口统计属性和社会经济资源)与信息安全意识之间的关系。本研究使用加权逻辑回归估计了几种统计模型来模拟客观的信息安全意识。结果表明,收入和教育等社会经济资源对个人的信息安全意识有显著影响,个人越富有,受教育程度越高,对重要的安全实践和工具的意识越强。此外,年龄和性别代表了社会中一致而明确的信息差距,因为老年人和女性对一系列信息安全实践的了解程度明显低于年轻人和男性。研究结果对我们理解日益数字化和互联的社会中的信息安全行为和用户脆弱性具有重要意义。尽管网络安全在日常生活的几乎所有领域对所有人都越来越重要,但人们对安全网络实践以及用于保护自己免受攻击的工具和技术的认识存在很大的不平等。虽然数字技术将继续渗透到日常生活的许多方面——从金融交易到医疗服务再到社交互动——但研究结果表明,一些用户可能比其他人更容易受到攻击。独创性/价值本研究通过大型调查和统计模型,有助于我们了解一般用户的信息安全意识,从而概括出公众在多个领域的信息安全意识,并促进未来对公众信息安全知识的研究。研究结果表明,一些用户可能比其他人更容易受到攻击。尽管网络安全在日常生活的几乎所有领域对所有人都越来越重要,但人们对安全网络实践以及用于保护自己免受攻击的工具和技术的认识存在很大的不平等。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Information and Computer Security
Information and Computer Security COMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
4.60
自引率
7.10%
发文量
23
期刊介绍: Information and Computer Security (ICS) contributes to the advance of knowledge directly related to the theory and practice of the management and security of information and information systems. It publishes research and case study papers relating to new technologies, methodological developments, empirical studies and practical applications. The journal welcomes papers addressing research and case studies in relation to many aspects of information and computer security. Topics of interest include, but are not limited to, the following: Information security management, standards and policies Security governance and compliance Risk assessment and modelling Security awareness, education and culture User perceptions and understanding of security Misuse and abuse of computer systems User-facing security technologies Internet security and privacy The journal is particularly interested in receiving submissions that consider the business and organisational aspects of security, and welcomes papers from both human and technical perspective on the topic. However, please note we do not look to solicit papers relating to the underlying mechanisms and functions of security methods such as cryptography (although relevant applications of the technology may be considered).
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信