Security Awareness Research Articles

Building Patient Trust through Enhanced Data Security: A Saudi Arabian Hospital Case Study

Purpose: The study highlights the need for healthcare providers to prioritize the implementation of enhanced authentication mechanisms and consent management systems to align with patient expectations and build trust. Additionally, the research emphasizes the importance of addressing the knowledge gap among healthcare staff through mandatory training programs and clear communication strategies. The proposed action plan outlines concrete steps to enhance data security and transparency, positioning the hospital as a leader in safeguarding patient information. Methodology: A survey was conducted among patients in a private hospital setting to assess their perceptions and expectations regarding the security of their medical information. The survey explored patient awareness of data security risks, preferences for authentication methods, and views on consent protocols for accessing health records. Originality and implication: This study provides valuable insights into patient perspectives on data security within a private hospital setting, an area often overlooked in broader healthcare data security research. The findings have significant implications for healthcare providers, emphasizing the need to align security practices with evolving patient expectations to maintain trust and ensure the responsible handling of sensitive medical information. Keywords: Patient Data Security, Healthcare Data Privacy, Patient Consent, Authentication Methods, OTP Verification, Electronic Health Records, Security Awareness Training, Trust in Healthcare, Private Hospital Setting

Deciphering Smart Contracts, Legal Challenges, and Opportunities in Implementing Blockchain in the Property Sector in Indonesia

This research investigates the implementation of smart contracts in the Indonesian property sector, examining the legal opportunities and challenges involved. Blockchain technology offers high transparency, efficiency, and security in property transactions, but faces regulatory and infrastructural hurdles. The aim of this research is to explore the related legal dynamics, identify socio-economic impacts, and offer sustainable solutions. The research method employed is a qualitative legal approach to gather and analyze data. The findings indicate that although blockchain can expedite transaction processes and enhance transparency, the legal validity of smart contracts and consumer protection remain major issues. Regulatory updates and increased awareness of data security are necessary to optimize the adoption of this technology in Indonesia.Keywords: Blockchain., Property law., Regulation., Smart contracts., Transparency

Two Novel Semi-Quantum Secure Direct Communication Protocols in IoT

As Internet of Things (IoT) technology continues to advance, there is a growing awareness of IoT security within the industry. Quantum communication technology can potentially significantly improve the communication security of IoT devices. Based on semi-quantum cryptography and utilizing single photons, this paper introduces two semi-quantum secure direct communication (SQSDC) protocols for use in smart door locks. Protocol 1 is more efficient, and the efficiency analysis shows that the communication efficiency is as high as 28.57%. Security analysis demonstrates the asymptotic security of the protocols, effectively resisting intercept–measure–resend attacks and entangle–measure attacks from potential eavesdroppers. The extended SQSDC protocol (protocol 2) builds upon protocol 1 by enabling a single qubit to transmit two bits of information, resulting in a double efficiency outcome.

Method for raising personnel awareness of information security using the Gophish software application

In today’s cyberspace, where threats are constantly evolving, phishing attacks require special attention. They are one of the most common social engineering methods used to gain access to confidential information by manipulating users. Such attacks can lead to data breaches, financial losses, and reputational risks. One of the key problems is the lack of staff training in recognizing phishing threats. Traditional training methods do not provide adequate interactivity and realism, which reduces the effectiveness of awareness raising. To address this issue, new approaches are needed that model real-life cyberattack scenarios. The Gophish tool allows you to create personalized phishing campaigns that simulate real attacks and analyze user reactions. Its functionality includes creating email templates, sending messages, and collecting data on user interaction. This allows organizations to identify weaknesses, adjust training programs, and conduct additional training. The results show that using Gophish increases staff awareness of social engineering. Interactive simulations contribute to a better understanding of phishing threats and help users recognize the danger in time. Thanks to the analytics collected, management can quickly implement corrective measures. The development of artificial intelligence and machine learning opens up new opportunities for improving such tools. Future solutions will be able to adapt simulations to specific users, making training even more effective.

Mobile security awareness of university students in Hong Kong: demographics and education

PurposeThis research investigates mobile security awareness among university students in Hong Kong, who increasingly rely on mobile devices for their daily activities and academic needs. This research seeks to inform targeted educational strategies and policies to enhance mobile security practices among young adults, particularly in regions similar to Hong Kong, where mobile usage is extensively integrated into everyday life.Design/methodology/approachUtilizing an online survey, this research assessed the mobile security awareness of 407 university students from Hong Kong. The Mann-Whitney U-test and other statistical methods were employed to analyze differences in security awareness based on demographic factors such as IT background, gender, educational level and participation in mobile security courses.FindingsThe research revealed a generally high level of mobile security awareness compared to similar research in other regions. It also highlighted that despite no significant difference in awareness between genders, students from IT-related fields or those who participated in mobile security courses exhibit higher awareness levels. These findings underscore the impact of focused education and training on enhancing mobile security awareness.Originality/valueThis research contributes to the limited but growing body of literature on mobile security awareness from the end-user perspective, particularly among university students in the Asia Pacific region. It offers valuable insights for governments, educators and corporate policymakers worldwide, providing a basis for integrating mobile security education into broader academic and professional training programs.

Thematic Exploration and Analysis of Cybersecurity Policies of Businesses: An NLP-Based Approach

ABSTRACT Cybersecurity is a prime concern today for businesses due to the rapid increase in cyber-attacks, inadequate security controls, stricter regulations, and lack of security awareness among the workforce. A robust cybersecurity policy can address the security needs of businesses with directives on acceptable actions and behavior. Developing such a policy for business entities requires adequate skill and knowledge. Reviewing voluminous policy texts to identify best practices is also time-consuming. Therefore, the objective of this study is to provide a natural language processing (NLP)-based methodology that can quickly identify the significant topics and themes from the cybersecurity policies of leading global businesses. Text mining and Latent Dirichlet Allocation-based topic modeling technique have been used on cybersecurity policy-related textual contents obtained from 10 leading Fortune Global 500-listed business organizations and the extracted output is then mapped to the globally popular cybersecurity standard ISO/IEC 27,001:2022 to determine the relevancy. The study reveals significant topics and themes that can be used for the development or enhancement of cybersecurity policies to protect businesses from cyber threats.

Examining the Role of Organizational Culture in Shaping Security Practices: A Case Study of Tertiary Institutions

This study investigates the critical role of the human factor in enhancing organizational cybersecurity resilience, particularly within the context of tertiary institutions in Nigeria. As organizations increasingly depend on digital technologies, understanding how employee knowledge, behavior, and awareness impact information security is paramount. The research highlights the significant contribution of human error to security breaches, underscoring that even the most sophisticated technological defenses are vulnerable when individuals do not adhere to security protocols. Utilizing a comprehensive literature review, the study examines the implications of human behavior, including negligence and social engineering, on organizational security outcomes. Key findings indicate that insufficient training, lack of supervision, and poor understanding of security policies exacerbate vulnerabilities. Recommendations include implementing robust security awareness programs and ensuring that only qualified personnel teach keyboarding skills, as these practices can mitigate risks. Ultimately, the research advocates for a socio-technical approach to cybersecurity, emphasizing the need for collaboration between technical solutions and human factors to foster a more secure operational environment in the educational sector.

Exploiting self-evolutionary strategies of components for Dynamic Heterogeneous Redundancy

The network security situation is increasingly serious. Traditional security equipment like firewalls and intrusion detection systems cannot prevent unknown risks due to their passive nature. Dynamic Heterogeneous Redundancy (DHR) actively defends by switching the attack surface and confusing attackers, becoming essential in modern network defense. However, existing DHR approaches based on scheduling algorithms struggle under high-intensity attacks due to resource limitations. To overcome this weakness, we propose a Genetic Algorithm and Particle Swarm Optimization (GAPSO), a novel DHR architecture. GAPSO provides real-time security awareness of host components, maps potential attacker paths, and calculates the risk probability of each component. High-risk components evolve into others in the pool during attacks. Experiments show that GAPSO significantly reduces system risk compared to scheduling-based DHR and effectively delays the hacker’s attack lifecycle. Additionally, we developed a prototype system and evaluated it in a real network environment, obtaining positive results.

The Influence of Cyber Security Knowledge, Cyber Security Awareness, and Behaviour Protection on Intention to Use Among Mobile Banking Users in Jakarta

Businesses and individuals, especially banks, must use risk assessment methods and preventive measures to protect mobile banking application users. Looking at these events, the researcher aims to see whether cyber security awareness, knowledge & behavior protection of users affect the intention to use mobile banking applications and whether these three variables are important for mobile banking users to understand in maintaining the security of transactions using mobile banking which will test the influence of these 3 variables on users' interest in continuing to use mobile banking even though users know the high risk if there is negligence in carrying out these 3 things and believing in the security of the mobile banking system in Indonesia. The population of this study is people who work in Jakarta. The respondents' answers were taken using Google Docs and distributed in general. The researcher obtained a total of 130 respondents. The data was processed using SPSS 27 with the analysis method of validity, reliability, and hypothesis test including the R2 test, F test, and T-test.

The Impact of Russia-Ukraine Conflict on the Sales of Electric Vehicles in China

The Ukraine conflict has had a unique impact on EV sales growth in China, a key market for EV innovation and adoption. This study explores the correlation between geopolitical tensions and the surge in EV sales in China. Utilizing time series analysis methods, this paper assesses EV sales trends before and during the conflict. Coincidentally, the findings suggest that the conflict is driving growth in EV sales, likely due to a combination of factors, including increased awareness of energy security, a shift to sustainable transportation, and government incentives aimed at supporting the domestic EV industry. Quantitative analysis using an ARIMA model reveals that EV sales experienced an estimated increase of approximately 15% within the first six months following the onset of the conflict compared to pre-conflict projections. This significant uptick underscores how external geopolitical events can catalyze shifts in consumer behavior toward more sustainable alternatives. While sales are growing, the study also points to potential challenges such as supply chain disruptions and rising costs that could impact long-term growth. These challenges highlight the complex interplay between global political events and domestic market trends. The findings advise policymakers and industry players to remain vigilant and proactive to ensure continued growth in Chinas EV industry amidst these evolving dynamics.

How Cyber Security Enhances Trust and Commitment to Customer Retention: The Mediating Role of Robotic Service Quality

Cyber security is supportive of robotic service provision, the objective of which is to help marketers achieve their aim of providing a high level of service. Marketers need to be aware of cyber security issues and adhere to established cyber security policies. We investigate trust and commitment in relation to customer retention while assessing the mediating role of robotic service quality (RSQ). We employ a survey-based study that utilises 231 valid responses from customers in São Paulo, Brazil. To analyse the data, we used partial least squares structural equation modelling (PLS-SEM). The results show that trust and commitment have a positive impact on customer retention. RSQ has a partial mediation effect on the relationship between the latent constructs of trust, commitment, and customer retention. Thus, it can be suggested that RSQ, which embeds trust and commitment, assists in building a loyal customer base. Marketers outside the Latin American region can benefit from the results of this study since it incorporates cyber security awareness and policy within marketing strategy implementation, ensuring that RSQ is aligned in terms of the digitalisation goals of the company.

Data Security and Data Protection in Cloud Privacy Systems

In this modern world, the internet has become very influential in our daily lives. The Internet has many uses to solve various problems, one of which is full hardware storage, therefore the Internet provides software-based data, for example, cloud storage applications. The study aims to analyze and evaluate various data security techniques and protection methods used in the cloud computing framework, focusing on vulnerability identification, risk mitigation strategy assessment, and user security awareness improvement. In addition, this study aims to analyze data security techniques and data protection approaches applied to cloud systems. In addition, the study also assesses potential risks and mitigates security threats such as cyberattacks and data breaches. Using qualitative methodologies, the study investigated relevant literature, examined real-life cases of data breaches, and analyzed the effectiveness of security measures such as encryption and multi-factor authentication. The findings show that cloud systems remain vulnerable to cyber threats like DDoS attacks, credential theft, and data breaches due to inadequate security protocols. Key recommendations include adopting encryption, improved multi-factor authentication practices, and encouraging collaboration between cloud service providers and users to strengthen data security. The research contributes by proposing a comprehensive approach to improving data protection in cloud environments, ensuring a secure and resilient infrastructure for users. Implementing these findings will support the development of more secure cloud technologies and increase user confidence in data security practices. It is hoped that the study's results can provide recommendations to improve data security and data protection in cloud systems.

Investigating the Influential Factors of Ride-Hailing Usage Frequency in the Post-Pandemic Era

The COVID-19 pandemic has had an unprecedented impact on public travel and has significantly altered people’s travel behavior. By comparing the travel behaviors of ride-hailing passengers before and after the pandemic (i.e., the pre-pandemic era and the post-pandemic era), it is possible to effectively identify the changes in their travel patterns and thus deeply understand the changes in individual travel habits in the post-pandemic era. Using data collected in Nanjing, China, this paper develops two ordered logit models to examine the impact mechanism of multi-dimensional influential factors on the trip frequency of ride-hailing users before and after the pandemic. The results reveal the following: (1) Before the pandemic, the increase in waiting time promoted the usage frequency of ride-hailing users, while in the post-pandemic era, the increase in waiting time reduces the travel frequency of ride-hailing users. (2) Before the pandemic, the increase in prices led to a decrease in ride-hailing users’ usage frequency, while it presents a push effect in the post-pandemic era. (3) In the post-pandemic era, ride-hailing users are more concerned about personal safety, avoiding conversing with the driver and touching objects in the car. Finally, some strategies, such as increasing awareness of personal information protection and security, optimizing waiting times, and improving the hygiene standards of ride-hailing, are proposed to assist transportation network companies in operating and restoring ride-hailing services in the post-pandemic era.

DISRUPTIVE TECHNOLOGIES FOR EDUCATIONAL INNOVATION IN DELTA STATE AND ITS CYBER SECURITY IMPLICATIONS: A POST COVID-19 ASSESSMENT

Technology is everywhere and it’s changing the way things work, hence it is disruptive depending on its application and context. Disruptive technology introduces new markets and modifies existing ones, providing end users with better access, convenience, empowerment, choice, and value as well as competing with established models and practically transforming products and services. The COVID-19 pandemic necessitated a rapid shift to remote learning and the adoption of disruptive technologies in educational institutions worldwide, including Nigeria. Despite this, there is limited evidence investigating how different disruptive technologies and configurations associate with cyber security within the educational sector. This research work examines the association of disruptive technology and cyber security implications in the Delta State educational system during the post COVID 19 pandemic period. A cross sectional approach was used for data collection through questionnaires where 55 responses out of 80 respondents from some selected schools in Delta State were used. The results confirm some cyber threats on using disruptive technology in e-learning as phishing and identity theft. The respondent’s level of online satisfaction, cyber security awareness and performance was significantly associated with various independent variables such as e-learning platforms, online interaction, and privacy concerns. An understanding of these relationships will help educators and other stakeholders to prioritize legislation and regulations that will address such developments. The aim should not to over-regulate and consequently strangle them, but to envisage change, prepare for it, and set up appropriate regulatory frameworks to ensure societal balance.

Examining the Information Security Awareness Levels of Healthcare Workers and Their Attitudes Towards the Privacy of Electronic Health Records

Examining the Information Security Awareness Levels of Healthcare Workers and Their Attitudes Towards the Privacy of Electronic Health Records

Influence of Information Security Awareness on Information System Implementation in Manufacturing Industry in China

Information security is one primary function of any information management system, ensuring protection of sensitive information like financial data, customers’ credentials and intellectual property from unauthorized and illegal access. The present study, while emphasizing on an effective implementation of information system, aimed to examine the impact of information security awareness (ISA) on self-efficacy to comply (SEC), attitude towards compliance (ATC) and intention to comply (IC) and the role of these constructs on information system implementation in the manufacturing industry in China. The study also examined the mediation role of SEC, ATC and IC among ISA and information system implementation. Data was gathered through surveys responded by a sample of 357 employees of the manufacturing industry in China. To check the data reliability and association among variables, smart-PLS was used, which indicated that ISA had a positive impact on SEC, ATC and IC and these constructs, in turn, positively impacted information system implementation. The results also exposed that SEC, ATC and IC significantly mediate among ISA and information system implementation in the manufacturing industry in China.

A Study on Customers Awareness of E-Banking Cyber Security

A Study on Customers Awareness of E-Banking Cyber Security

Adolescent–provider relationship and perception of protection of health data: insights from the West Bank – Palestine – a qualitative study

ABSTRACT Adolescence is a crucial time for health decisions, where privacy and confidentiality, especially in Palestine, impact adolescents’ willingness to seek healthcare. This study aims to explore Palestinian adolescents’ experiences with health data protection and its impact on seeking healthcare. The findings revealed diverse perspectives on health, healthcare-seeking, and health data protection. Barriers include limited trust in healthcare providers, data security awareness, and privacy concerns, leading to hesitancy in sharing sensitive health information with healthcare providers and thus refraining from consulting them. Our study provides a sense of how Palestinian adolescents perceive privacy and confidentiality in healthcare and its impact on seeking healthcare. Adolescents in the West Bank – Palestine may face health challenges as their hesitation to seek care, driven by privacy concerns and reliance on less reliable health information, increases the risk of engaging in risky behaviours. Interventions and strategies are essential to promote better health outcomes for this population.

Cybersecurity in Banking and Finance : Navigating the Digital Threat Landscape

This comprehensive article explores the critical landscape of cybersecurity in the banking and finance sector, addressing the unique challenges financial institutions face in an increasingly digital world. It delves into the Cybersecurity Trilemma of high-value targets, complex IT infrastructure, and stringent regulatory compliance, highlighting the sector's vulnerability to sophisticated cyber threats. The article outlines key security measures, including data encryption, access control, data loss prevention, regular security audits, and incident response planning, supported by current industry statistics. It navigates the complex regulatory environment, discussing major compliance requirements such as GDPR, HIPAA, PCI DSS, GLBA, and CCPA. Finally, the article presents a framework for building resilient cybersecurity, emphasizing risk assessment, security awareness training, threat intelligence, continuous improvement, and regulatory collaboration. It provides financial institutions with a roadmap to safeguard their assets and maintain customer trust in the face of evolving cyber threats.

Crucial Elements in the Development of Cyber Security Strategies in Saudi Arabia

The digital world has gained significant importance in recent years, owing to its many advantages as well as the sheer volume of users, which is constantly increasing, including in both public and private organizations. Numerous hazards and vulnerabilities associated with this growth and advancement have been interfering from time to time. As a result, cybersecurity and protection measures have been implemented in different digital domains. The national security, the economy, business, and the everyday lives of people are constantly under threat due to the innate weaknesses in cyberspace and the continually growing threat of cyber attacks. The research paper highlights essential elements in developing and managing cyber security strategies in Saudi Arabia to strengthen security measures. To achieve this motive, a literature review has been done to explore the significance of cyber security elements such as security awareness through education, risk prevention, data management, network security in business and smart cities, and constant monitoring of security measures by analyzing previous studies so that Saudi Arabia can better develop its cyber security policies by incorporating these elements into latest policies. The use of Artificial Intelligence (AI) in cyber security is also being explored in this study due to the fast penetration of AI worldwide. This paper is also helpful for policymakers in designing national cyber security policies by examining the guidelines given at the end of the study.