Impact of Information Security Policies on Security Breach Incidences in Kenyan Public Universities: An Observational Approach

Abstract

The aim of this study was to investigate the Impact of Information Security Policies on Security Beach incidences in Kenyan public universities. Information security policies are designed to safeguard network resources from security breaches.  The objectives of the study were: to investigate if there is a relationship between network security policies and information security breach incidents, to determine the relationship between server security policies and information security breach incidents, to investigate if there is a relationship between application security policies and information security breach incidents and to investigate the impact of information security policies on information security breach incidents. The study utilized a questionnaire to collect primary data from IT personnel in public universities with regard to their perceptions of how information security policies affect computer security breach incidents. A simple random sampling was used to identify 200 IT employees from public universities in Kenya. Pearson correlation analysis was used to study the relationships between the variables. Independent t-tests (2-tailed) and ANOVA test were used to determine the level of significance. According to the results of the study, there is a weak relationship between information security policies and security breach incidences. The study hopes to add to the body of academic knowledge in the public educational institutions in Kenya where information repository is a resource.