Education, Online Presence and Cybersecurity Implications: A Study of Information Security Practices of Computing Students in Saudi Arabia

Abstract

Information technology is considered as a key enabler to achieve “education for all” as a sustainable development goal; however, involvement in the education sector has introduced security risks along with benefits. Students’ exposure to the internet has increased the probability of cybersecurity attacks. To foster a more sustainable use of technology, it is crucial that students are made aware of information security risks and can keep themselves protected in the online sphere. In this paper, we present the results of a cross-sectional study that explores information-security awareness among students in Saudi Arabia. Empirical data were collected using an online questionnaire and a factor analysis was conducted using partial least-squares structured equation modelling. Based on the existing literature, we focused on four key constructs: password management, infrastructure management, email management, and the perception of security. The results of this study have highlighted that email management and infrastructure management were seen as relevant factors, whereas password management and the perception of security were not considered relevant factors by the respondents. We have also chalked out recommendations to improve cybersecurity awareness among students. The findings of this study will potentially help educational institutions and parents to prepare students in adopting security practices while they are online.