The Effect of Applying Information Security Awareness Concept of MOH Employees on Cybersecurity Department – Ministry of Health –Riyadh

Abstract

The proposed study focuses on the effect of applying the concept of information security awareness of MOH employees on the cybersecurity department at the Ministry of Health in Riyadh. The researcher used the descriptive analytical method in order to achieve the study objectives and used a questionnaire for collecting data. The study sample consisted of around (430) of MOH employees. The results of the study showed a high level of agreement on answering its questions. The study yielded numerous recommendations; it stressed that spreading the culture of awareness on the importance of personal information, through holding workshops, is considered as the most effective way to reduce cybersecurity risks. Also, it showed that the cybersecurity department is keen to develop guidelines to be followed by employees in order to limit the sharing of personal information and that paramount importance should be attached to the human element by familiarizing it with the tricks used by cybercriminals. In addition, the cybersecurity department is keen to create an electronic archive that includes monitoring and recording of cybersecurity incidents and should encourage employees to view this archive and consider it as a means of exchanging knowledge and raising awareness. Moreover, it is imperative to use the contribution of information security experts in order to design awareness programs. In addition, advanced technical training should be directed to employees to keep pace with the rapid development in methods and techniques of information crime. The researcher achieved various design of training and education program.