Comprehension of cyber threats and their consequences in Slovenia

Abstract

Mobile devices are used more and more frequently. We discovered that students do not use their mobile devices just for private purposes but also for work related tasks; furthermore, they use their private mobile devices to access various information systems and corporate data that can be classified, or marked as trade secrets, personal data or professional secrecy. Individuals who are granted authorised access to these types of data are obliged to protect them from unauthorised access and cyber threats. In our survey, we tried to find out how well students were aware of the existing information security threats to mobile devices and to the data which they access through mobile devices. The results of our survey and criminal law analysis have shown us that the student population is not well aware of security threats and security measures. Because the user of a mobile device can be held criminally responsible for the loss of data that he or she had accessed by using the mobile device, even though he or she is not aware of security threats and protective measures against them, we believe that it will be necessary to encourage users to educate themselves about the new cyber threats that are typically targeting mobile devices, and also to familiarise themselves with the methods of protecting their mobile devices. To this purpose, organisations should implement internal regulations and continuously educate mobile device users about their safe usage in accordance with organisational standards.