Predicting the Implementation Level of Cybersecurity Policies Based on User Awareness and Experience
Abstract
The advancement of information technology has brought numerous conveniences but also introduced various cyber threats such as phishing, malware, and DDoS attacks. Amid the rising wave of digital attacks in Indonesia, public awareness of information security remains relatively low. This study aims to analyze the influence of awareness and experience with cyber incidents (phenomena) on perceptions of information security policies (security). A quantitative approach was employed using PLS-SEM, with data processed through SmartPLS 4. Data were collected from 104 respondents via an online questionnaire. The results show that both awareness and phenomena have a positive and significant effect on security, with path coefficients of 0.313 and 0.563, respectively (p-value < 0.001), and an R-squared value of 0.670. These findings underscore the importance of both educational and experiential approaches in shaping user perceptions and enhancing the effectiveness of information security policies in digital environments.
References
L. A. Febrika Ardy, I. Istiqomah, A. E. Ezer, and S. N.a Neyman, “Phishing di Era Media Sosial: Identifikasi dan Pencegahan Ancaman di Platform Sosial,” J. Internet Softw. Eng., vol. 1, no. 4, p. 11, 2024, doi: 10.47134/pjise.v1i4.2753.
T. Vimy, S. Wiranto, R. Rudiyanto, P. Widodo, and ..., “Ancaman Serangan Siber Pada Keamanan Nasional Indonesia,” J. …, vol. 6, no. 1, pp. 2319–2327, 2022, [Online]. Available: http://journal.upy.ac.id/index.php/pkn/article/view/2989
M. Mikail Ziyad and S. Widodo, “Analisis Keamanan Jaringan dan Perlindungan Data Terhadap Serangan Siber di Perusahaan Luar Sekolah,” J. Penerapan Sist. Inf. (Komputer Manajemen), vol. 5, no. 2, pp. 623–628, 2024.
A. Zulfikri, F. P. E. Putra, M. A. Huda, H. Hasbullah, M. Mahendra, and M. Surur, “Analisis Keamanan Jaringan Dari Serangan Malware Menggunakan Filtering Firewall Dengan Port Blocking,” Digit. Transform. Technol., vol. 3, no. 2, pp. 857–863, 2023, doi: 10.47709/digitech.v3i2.3379.
H. P. Fitrian, L. Abidah, K. W. Zahra, W. H. Hafidudin, T. Informatika, and U. T. Digital, “Serangan Phishing Di Jaringan Perbankan,” JATI (Jurnal Mhs. Tek. Inform., vol. 9, no. 2, pp. 1888–1892, 2025.
D. Auliafitri, E. RizkiSuro, M. R. M. Malik, and A. Setiawan, “Optimalisasi Pengujian Penetrasi: Penerapan Serangan MITM (Man in the Middle Attack) menggunakan Websploit,” J. Internet Softw. Eng., vol. 1, no. 3, p. 12, 2024, doi: 10.47134/pjise.v1i3.2620.
Makbull Rizki, “Perkembangan Sistem Pertahanan/Keamanan Siber Indonesia dalam Menghadapi Tantangan Perkembangan Teknologi dan Informasi,” Polit. J. Ilmu Polit., vol. 14, no. 1, pp. 54–62, 2022, doi: 10.32734/politeia.v14i1.6351.
N. Hidayasari, P. Nuranisa, and M. Iqbal Husaini, “Analisis Penerapan Aspek Keamanan Informasi CIA Triad Pada Sistem Informasi Akademik Nurmi,” Semin. Nas. Ind. dan Teknol., no. November, pp. 90–103, 2024.
Helmiawan, M. A., Fadil, I., Sofiyan, Y., & Firmansyah, E. (2021). Security model using intrusion detection system on cloud computing security management. 2021 9th International Conference on Cyber and IT Service Management
Helmiawan, M. A., & Nasution, A. I. (2022). The Effect of Internet Banking Use and Customer Protection Against Cyber Crime at Bank Rakyat Indonesia. Journal of Islamic Economics and Business, 2(2), 170–183.
A. H. H. Harahap, C. D. Andani, A. Christie, D. Nurhaliza, and A. Fauzi, “Pentingnya Peranan CIA Triad Dalam Keamanan Informasi dan Data Untuk Pemangku Kepentingan atau Stakholder,” J. Manaj. dan Pemasar. Digit., vol. 1, no. 2, pp. 73–83, 2023, doi: 10.38035/jmpd.v1i2.34.
H. Daulan, “‘Peran CIA (Confidentiality, Integrity, dan Availability) dalam Keamanan Informasi,’” no. June, pp. 0–8, 2024.[11] K. Siti, S. E. Rahayu, M. Ak, and A. Ca, Keamanan Digital Dalam Audit Pajak: Integrasi Cyber Security dengan CRM, BDA, dan BI untuk Revolusi Compliance. 2023.
R. D. Hapsari and K. G. Pambayun, “ANCAMAN CYBERCRIME DI INDONESIA: Sebuah Tinjauan Pustaka Sistematis,” J. Konstituen, vol. 5, no. 1, pp. 1–17, 2023, doi: 10.33701/jk.v5i1.3208.
F. N. Sitorus and R. Harwahyu, “Analysis of Employee Capacity Gap in Managing Network Security and Its Implementation Towards Insider Threat Prevention,” MALCOM Indones. J. Mach. Learn. Comput. Sci., vol. 5, no. 2, pp. 635–644, 2025, doi: 10.57152/malcom.v5i2.1878.
F. Rofika et al., “Cybersecurity : Jenis Serangan Dan Bagaimana Peretas Melakukannya Serta Langkah Pengamanannya,” J. Pengabdi. Kpd. Masy., vol. 2, no. 03, pp. 347–350, 2024, [Online]. Available: https://jurnalmahasiswa.com/index.php/appa
F. P. E. Putra, S. A. A. Sugi, K. Mufidah, and Y. R. Febriani, “Analysis of Cyber Attacks on Network Security,” J. Inf. dan …, vol. 6, pp. 4–7, 2024, doi: 10.60083/jidt.v6i2.569.
R. A. A. Obrina Candra Briliyant, “RENCANA PENERAPAN CYBER-RISK MANAGEMENT MENGGUNAKAN NIST CSF dan COBIT 5,” J. Sist. Inf., vol. 14, no. 2, pp. 83–89, 2018.
A. Supriyanto, A. Jananto, J. A. Razaq, and B. Hartono, “Alignment of KAMI Index with Global Security Standards in Information Security Risk Maturity Evaluation Alignment of KAMI Index with Global Security Standards in Information Security Risk Maturity Evaluation,” no. June, 2025, doi: 10.2478/cait-2025-0018.
Helmiawan, M. A., Firmansyah, E., Fadil, I., Sofivan, Y., Mahardika, F., & Guntara, A. (2020). Analysis of web security using open web application security project 10. 2020 8th International Conference on Cyber and IT Service Management
Helmiawan, M. A., Julian, E., Cahyan, Y., & Saeppani, A. (2021). Experimental evaluation of security monitoring and notification on network intrusion detection system for server security. 2021 9th International Conference on Cyber and IT Service Management