Assessing Information Security Culture from an Individual's Viewpoint: A Quantitative Measurement Approach

Abstract

In the increasingly advanced digital era, information security has become a highly important aspect for organizations across various sectors. Therefore, organizations need to adopt a comprehensive approach to managing information security, which encompasses technological aspects, policies and procedures, as well as information security culture. Information security culture refers to the values, norms, and attitudes related to information security within an organization. This research aims to fill the knowledge gap by developing a quantitative measurement approach that can assess individuals' perspectives on information security culture in Sukowono District. This study is a quantitative research using the dimensions of awareness, knowledge, compliance, and behavior as questionnaire variables. The questionnaire was developed after determining the variables and tested for validity and reliability. The research was conducted in one of the districts in Jember Regency. The results of this study show that the average total score for Awareness is 11.9117647 with an average dimension score of 3.9705882, Knowledge has an average total score of 12 with an average dimension score of 4, Compliance has an average total score of 11.76470588 with an average dimension score of 3.92156863, and Behavior has an average total score of 11.882353 with an average dimension score of 3.960784. The dimensions are ranked from lowest to highest as follows: compliance, behavior, awareness, and knowledge. Therefore, knowledge of information security holds the highest position among the four dimensions, while the compliance dimension holds the lowest position.