Abstract
In our increasingly digitized and interconnected society, people are poorly protected against cyberthreats, with the main reason being user behavior. Human behavior and actions are unpredictable in nature and this make human an important element and enabler of cybersecurity. The objective of the study is promotion of adoption of non-technical countermeasures (such as user awareness) for a comprehensive and holistic way to manage cyber security in organizations in Cameroon. We conducted a subjective study to measure the level of employees’ knowledge and general awareness, risky behavior they engage in, and attitude toward various aspects of cybersecurity and cyberthreats to show the need for user education, training, and awareness. For the study described in this paper, a self-report questionnaire was developed and data were collected from 214 participants. The results of a descriptive statistic percentage indicated that less than 50% of respondents have completed or has regular training program. We find that over 61% of the participants do not have sufficient knowledge of their organization cyber security policies. Among other findings, the over 60% of employees’ mistakes or violations of security policy are not disciplined or penalized is a demonstration of lack of legal status of cyber-attacks. Cyber resilience in any organization is a responsibility shared by both management and employees. Proactive human management element that can actively hunt for malicious activity and indicators of compromise is recommended.
Highlights
Cybersecurity has become crucial topic in Cameroon because cyber threats have become a very common occurrence in everyday life
To determine which cybersecurity controls and associated cyberthreats should be included in the questionnaire, the research adopted questions from previous questions raised by Pew Research Center’s cyber security quiz (Olmstead & Smith, 2017), the ISO 27002 standard (ISO27002, 2017), Security Behaviors Intentions Scale [Security Behavior Intentions Scale (SeBIS)] (Egelman & Peer, 2015), Risky cybersecurity behaviors scale (RScB - partly based on the SeBIS developed by Egelman & Peer, 2015), Aljohani and Elfadil (2020) and Attitudes towards cybersecurity and cybercrime in business (ATC-IB) (Hadlington, 2018) and (Elbelekia, 2020)
Creating and communicating cybersecurity awareness and security best practices culture is imperative in the fight against malicious intent
Summary
Cybersecurity has become crucial topic in Cameroon because cyber threats have become a very common occurrence in everyday life. Cybersecurity can be defined as the efforts organizations take to protect and defend their information assets, regardless of the form in which those assets exist, from threats internal and external to the organization According to Jeimy and Cano (2019), humans represent a mystery to be deciphered by cybersecurity experts because their behaviors, attitudes, beliefs, rituals and decisions (the general characteristics that define a culture) constitute a little-understood universe for executives and their heads of security. Insider threat from human behavior is one of the most difficult aspects of cybersecurity to control. Humans are the dominant security decision-makers in the face of cyber-attacks
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
