Loading...
|
Please use this identifier to cite or link to this item:
https://nccur.lib.nccu.edu.tw/handle/140.119/136740
|
Title: | 職場資訊安全意識研究-以台灣地區為例 A Research of Information Security Awareness in Workplace: Case in Taiwan |
Authors: | 吳松晏 Wu, Sung-Yen |
Contributors: | 陳立民 Chen, Li-Ming 吳松晏 Wu, Sung-Yen |
Keywords: | 資訊安全意識 資訊安全管理 台灣職場 Information Security Awareness Information Security Management Taiwan workplace |
Date: | 2021 |
Issue Date: | 2021-08-04 16:39:53 (UTC+8) |
Abstract: | 有鑒於現今多數企業無論是辦公事務抑或是提供之服務等,幾乎已離不開資訊科技,再加上近期為控制新冠疫情配合實施在家上班的企業數量也有上升的趨勢。因此員工的資安意識將影響企業的資訊安全防護是否能確實實施。本研究調查台灣地區在職人士之資安意識,並研究員工之知識、態度及行為之間彼此的關聯性及這三項因素與資訊安全管理之間的關聯性,資訊安全管理則擬以資訊安全定義當中的三要素機密性、完整性以及可用性作為因子。研究資料搜集方式採取將線上問卷藉由各社群平台發佈取得,統計方法則採取多元線性迴歸進行相關性之分析。研究結果顯示知識、態度及行為彼此之間皆有顯著的相關。而此三項因素與資訊安全管理因素之間,則僅有態度及行為與企業資訊的機密性及完整性具有顯著的相關性。 According to the fact that almost every business is not able to run without information technologies nowadays, plus there are also more and more corporations start the work-from-home policy due to the COVID-19, information security awareness (ISA) among employees starts playing a big part in protecting business information. We did the research on the ISA among Taiwanese employees. In addition, we also analyzed the relationship among their knowledge of IS, attitudes toward IS, behavior relate to IS (KAB), and Information Security Management (ISM). When it comes to ISM, there are three factors included, which confidentiality, integrity and availability are. Data was collected with the online survey questionnaire through social medias, and multiple linear regression was used for data analysis. The findings indicating that there’re significant relationship between knowledge, attitude and behavior. On the other hand, the correlation between KAB and ISM, only attitude and behavior found to be significantly influencing confidentiality and integrity of business information. |
Reference: | 李茂能,(2006)。結構方程模式軟體Amos之簡介及其在測驗編製上之應用。台北:心理出版社股份有限公司。 李宗翰,2020資安重大事件回顧。2021年1月14日,檢自:https://www.ithome.com.tw/voice/142236 邱皓政,(2011)。當PLS遇上SEM:議題與對話。αβγ量化研究學刊,3卷1期, 20-53。 周峻佑,中油與台塑遭攻擊事件的受害規模,首度被媒體揭露。2020年5月18日,檢自:https://www.ithome.com.tw/news/137685 陳正昌、程炳林、陳新豐、劉子鍵,(2005)。多變量分析方法-統計軟體應用。台北: 五南圖書出版有限公司。 黃芳銘,(2007)。在學青少年手機消費忠誠度-消費者社會化的觀點。αβγ量化研究學刊,1卷,123 – 150。 謝清俊,(1996)。談資訊的定義與性質。「資訊科技與社會轉型學術研討會」中研院社會學籌備處。 iThome,【2018年臺灣企業儲存大調查:新興儲存應用】公有雲儲存總額比重仍然有限,但過去一年出現50%高成長。2018年11月9日,檢自:https://www.ithome.com.tw/article/126794 Babakus, E., and Mangold, W. G. (1992). Adapting the SERVQUAL scale to hospital services: an empirical investigation, Health Services Research, Vol. 26 No. 6, 767-786. Bentler, P. M., and Bonett, D. G. (1980). Significance tests and goodness of fit in the analysis of covariance structures, Psychological Bulletin, Vol. 88 No. 3, 588–606. Bentler, P. M. (1983). Some contributions to efficient statistics in structural models: Specification and estimation of moment structures, Psychometrika, Vol. 48, 493-517. Browne, M. W., and Cudeck, R. (1992). Alternative Ways of Assessing Model Fit, Sociological Methods and Research, Vol. 21 No. 2, 230-258. Browne, M. W., and Arminger, G. (1995). Specification and Estimation of Mean- and Covariance-Structure Models, Plenum Press, NY: Handbook of Statistical Modeling for the Social and Behavioral Sciences, 185-249. Buttle, F. (1996). SERVQUAL: review, critique, research agenda. European Journal of Marketing, Vol. 30 No. 1, 8-32. David, D. P., Keupp, M. M., and Mermoud, A. (2020). Knowledge absorption for cyber-security: The role of human beliefs. Computers in Human Behavior, Vol 106. Doll, W. J., Xia, W., and Torkzadeh, G. (1994). A Confirmatory Factor Analysis of the End-User Computing Satisfaction Instrument, MIS Quarterly Vol. 18 No. 4, 453-461. Farooq, A. (2013). Information Security Awareness Assessment: A Case of University of Turku, University of Turku in Finland: Master of Science (Tech.) Thesis. Finstad, K. (2010). Response Interpolation and Scale Sensitivity: Evidence Against 5-Point Scales, Journal of Usability Studies, Vol. 5, 104-110. Flores, W. R., Antonsen, E., and Ekstedt, M. (2014). Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture. Computers & Security, Vol 43, 90-110. Gillam, A. R., and Tad Foster, W. (2020). Factors affecting risky cybersecurity behaviors by U.S. workers: An exploratory study. Computers in Human Behavior, Vol 108. Hair, J., Black, W., Babin, B., Anderson, R., and Tatham, R. (2006). Multivariate Data Analysis (6th ed.), Upper Saddle River, NJ: Pearson Prentice Hall. Hadlington, L. (2017). Human factors in cybersecurity; examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviours. Heliyon, Volume 3, Issue 7. Herath, T., and Rao, H. (2009). Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness, Journal of Decision Support System, Vol. 47, 154-165. Hofstede, G. (1980). Culture and Organizations, International Studies of Management & Organization, Vol. 10, 15-41. Hofstede, G. (1980). Motivation, leadership, and organization: Do American theories apply abroad? Organizational Dynamics, Vol. 9, 42-63. Hu, L., and Bentler, P. M. (1999). Cutoff criteria for fit indexes in covariance structure analysis: Conventional criteria versus new alternatives, Structural Equation Modeling: A Multidisciplinary Journal, 1-55. Hughes-Lartey, K.; Qin, Z.; Botchey, F.E.; Dsane-Nsor, S. (2020). An Assessment of Data Location Vulnerability for Human Factors Using Linear Regression and Collaborative Filtering. Information, 11, 449. Jenkins, G. D., and Taber, T. D. (1977). A Monte Carlo study of factors affecting three indices of composite scale reliability, Journal of Applied Psychology, Vol. 62 No. 4, 392-398. Jöreskog, K. G., Sörbom, D. (1996). LISREL 8: User`s Reference Guide, Lincolnwood, IL: Scientific Software International, Inc. Kaur, J., and Mustafa, N. (2013). Examining the effects of knowledge, attitude and behaviour on information security awareness: A case on SME, International Conference on Research and Innovation in Information Systems (ICRIIS), 286-290. Kennison Shelia M., Chan-Tin Eric. (2020). Taking Risks With Cybersecurity: Using Knowledge and Personal Characteristics to Predict Self-Reported Cybersecurity Behaviors. Frontiers in Psychology, Vol 11, 3030. Kim, Se-Kang. (2015). Re: Can we perform EFA before we confirm the model via CFA? Retrieved from: https://www.researchgate.net/post/Can_we_perform_EFA_before_we_confirm_the_model_via_CFA/54be6022d5a3f250538b472d/citation/download. Kruger, H., and Kearney, W. (2005). Measuring information security awareness: A West Africa gold mining environment case study. Proceedings of the 2005 ISSA Conference. Johannesburg, 1-10. Kruger, H. A., and Kearney, W. D. (2006). A prototype for assessing information security awareness, Journal of Computers and Security, Vol. 25, 289-296. Kruger, H., and Kearney, W. (2008). Consensus ranking – An ICT security awareness case study. Computers & Security, 254–259. Kruger, H., Drevin, L., and Steyn, T. (2010). A vocabulary test to assess information security awareness, Journal of Information Management and Computer Security, Vol. 18 No. 5, 316-327. Lissitz, R. W., and Green, S. B. (1975). Effect of the number of scale points on reliability: A Monte Carlo approach, Journal of Applied Psychology, Vol. 60 No. 1, 10-13. Mancha, R., and Dietrich, G. (2007). Development of a Framework for Analyzing Individual and Environmental Factors Preceding Attitude toward Information Security. AMCIS 2007 Proceedings, 178. Marsh, H. W., and Balla, J. (1994). Goodness of fit in confirmatory factor analysis: The effects of sample size and model parsimony, Quality and Quantity, Vol. 28, 185-217. McCormac, A., Calic, D., Butavicius, M., Parsons, K., Zwaans, T., and Pattinson, M. (2017). A reliable measure of information security awareness and the identification of bias in responses. Australasian J. Inf. Syst., 21. McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., and Pattinson, M. (2017). Individual differences and information security awareness. Computers in Human Behavior, 69, 151–156. McKelvie, S. J. (1978). Graphic rating scales — How many categories? British Journal of Psychology, 185-202. McLeod, R., and Schell, G. (2007). Management Information Systems, London: Pearson Education. Nunnally, J. C. (1978). An Overview of Psychological Measurement, Clinical Diagnosis of Mental Disorders, 97-146. Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., and Jerram, C. (2014). Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q), Journal of Computers and Security, Vol. 42, 165-176. Posthumus, S., and von Solms, R. (2004). A framework for the governance of information security, Computers and Security, Vol. 24, 638-646. Remmers, H. H., Ewart, E. (1941). Reliability of multiple-choice measuring instruments as a function of the Spearman-Brown prophecy formula, III. Journal of Educational Psychology, Vol. 32 No. 1, 61-66. Safa, N. S., and Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, Volume 57, 442-451. Schumacker, R. E., Lomax, R. G. (2004). A Beginner`s Guide to Structural Equation Modeling, Mahwah, NJ: Lawrence Erlbaum Associates, Inc. Schlienger, T., and Teufel, S. (2003). Analyzing information security culture: increased trust by an appropriate information security culture, 14th International Workshop on Database and Expert Systems Applications, 405-409. Steiger, J. H. (1990). Structural Model Evaluation and Modification: An Interval Estimation Approach, Multivariate Behavioral Research, Vol. 25 No. 2, 173-180. Sugawara, H. M., and MacCallum, R. C. (1993). Effect of Estimation Method on Incremental Fit Indexes for Covariance Structure Models, Applied Psychological Measurement, Vol. 17 No. 4, 365-377. Stanton, J., Mastrangelo, P., Stam, K., and Jolton, J. (2004). Behavioral Information Security: Two End User Survey Studies of Motivation and Security Practices, AMCIS 2004 Proceedings. 175. Thomson, M. E., and von Solms, R. (1998). Information security awareness: educating your users effectively, Information Management & Computer Security, 167-173. Yi, Q., and Hohashi, N. (2019). Comparison of perceptions of domestic elder abuse among healthcare workers based on the Knowledge-Attitude-Behavior (KAB) model. PLOS ONE 14(1): e0210916. CYBER ATTACK TRENDS: 2020 MID-YEAR REPORT, Retrieved July 22 2020, from https://research.checkpoint.com/2020/cyber-attack-trends-2020-mid-year-report/ |
Description: | 碩士 國立政治大學 企業管理研究所(MBA學位學程) 108363103 |
Source URI: | http://thesis.lib.nccu.edu.tw/record/#G0108363103 |
Data Type: | thesis |
DOI: | 10.6814/NCCU202100897 |
Appears in Collections: | [企業管理研究所(MBA學位學程)] 學位論文
|
Files in This Item:
File |
Description |
Size | Format | |
310301.pdf | | 1731Kb | Adobe PDF2 | 0 | View/Open |
|
All items in 政大典藏 are protected by copyright, with all rights reserved.
|