Information Security from the Users' Perspective on Awareness, Experience and Policy
Keywords:
Awareness, Cybersecurity, Phenomena, Phishing, Cyber Security, user behaviorAbstract
This study investigates information security from the users' perspective, focusing on their awareness, experiences with cybersecurity phenomena, and perceptions of security policies. With the increasing reliance on digital platforms, cybersecurity threats, including data breaches and account compromises, pose significant risks to individuals. A survey involving 104 respondents was conducted to gather data on their demographic profiles, experiences with data breaches, and frequency of digital service usage. Data analysis using SmartPLS revealed that user Awareness significantly and positively influences their Security practices (β = 0.675, p = 0.000) and also impacts their perception of cybersecurity Phenomena (β = 0.466, p = 0.001). Furthermore, Security practices were found to significantly influence the perception of Phenomena (β = 0.291, p = 0.019). The model explained a moderate portion of the variance in Security (R²= 0.456) and Phenomena (R²= 0.486). Despite a high percentage of respondents having received cybersecurity socialization (76%), nearly half (49%) reported experiencing data breaches, indicating a gap between knowledge and practical application. This research concludes that user awareness is central to fostering better security practices and a heightened understanding of cyber threats. Recommendations are thus focused on practical, behavior-oriented procedures to bridge this knowledge-action gap, supported by community outreach activities.
References
H. Taherdoost, “A Critical Review on Cybersecurity Awareness Frameworks and Training Models,” Procedia Comput. Sci., vol. 235, pp. 1649–1663, 2024, doi: 10.1016/j.procs.2024.04.156.
T. Moore, “The NIST Cybersecurity,” p. 32, 2024, [Online]. Available: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf
F. Ferdynandus, J. Natu Prihanto, and W. Winarno, “Implementing NIST Framework and the People, Process, Technology approach in Indonesian Financial Services,” Int. J. Eng. Contin., vol. 3, no. 1, pp. 172–182, 2024, doi: 10.58291/ijec.v3i1.265.
A. K. Rama, Suharjito, and E. Gunawan, “Evaluation of IT Governance Implementation Using COBIT 5 Framework and ISO 38500 at Telecommunication Industries,” Proc. 2020 Int. Conf. Inf. Manag. Technol. ICIMTech 2020, no. May, pp. 453–457, 2020, doi: 10.1109/ICIMTech50083.2020.9211275.
T. Toifur, Kusrini, and A. Budi, “Evaluation of Information Technology Governance Using COBIT 5 and ISO/IEC 38500,” J. Online Inform., vol. 7, no. 1, pp. 17–27, 2022, doi: 10.15575/join.v7i1.814.
M. I. Rosyidin, “Metode Indeks Keamanan Informasi (KAMI) terhadap Keamanan Informasi,” no. April, 2023, [Online]. Available: https://www.researchgate.net/publication/370098700
S. Nugroho and T. Rochmadi, “Analysis of Information Security Readiness Using the Index KAMI,” Decod. J. Pendidik. Teknol. Inf., vol. 4, no. 3, pp. 881–886, 2024, doi: 10.51454/decode.v4i3.602.
J. F. Hair, B. J. Babin, C. M. Ringle, M. Sarstedt, and J.-M. Becker, “Covariance-based structural equation modeling (CB-SEM): a SmartPLS 4 software tutorial,” J. Mark. Anal., no. 0123456789, 2025, doi: 10.1057/s41270-025-00414-6.
Y. Haji-Othman, M. S. Sheh Yusuff, and M. N. Md Hussain, “Data Analysis Using Partial Least Squares Structural Equation Modeling (PLS-SEM) in Conducting Quantitative Research,” Int. J. Acad. Res. Bus. Soc. Sci., vol. 14, no. 10, pp. 2380–2388, 2024, doi: 10.6007/ijarbss/v14-i10/23364.
A. K. Rama, Suharjito and E. Gunawan, "Evaluation of IT Governance Implementation Using COBIT 5 Framework and ISO 38500 at Telecommunication Industries," 2020 International Conference on Information Management and Technology (ICIMTech), Bandung, Indonesia, 2020, pp. 453-457, doi: 10.1109/ICIMTech50083.2020.9211275.
M. Malatji, "Management of enterprise cyber security: A review of ISO/IEC 27001:2022," 2023 International Conference On Cyber Management And Engineering (CyMaEn), Bangkok, Thailand, 2023, pp. 117-122, doi: 10.1109/CyMaEn57228.2023.10051114.
Helmiawan, M. A., Firmansyah, E., Fadil, I., Sofivan, Y., Mahardika, F., & Guntara, A. (2020). Analysis of web security using open web application security project 10. 2020 8th International Conference on Cyber and IT Service Management
Helmiawan, M. A., Julian, E., Cahyan, Y., & Saeppani, A. (2021). Experimental evaluation of security monitoring and notification on network intrusion detection system for server security. 2021 9th International Conference on Cyber and IT Service Management (CITSM ….
Helmiawan, M. A., Fadil, I., Sofiyan, Y., & Firmansyah, E. (2021). Security model using intrusion detection system on cloud computing security management. 2021 9th International Conference on Cyber and IT Service Management (CITSM ….
Helmiawan, M. A., & Nasution, A. I. (2022). The Effect of Internet Banking Use and Customer Protection Against Cyber Crime at Bank Rakyat Indonesia. Journal of Islamic Economics and Business, 2(2), 170–183.