Analyzing the Correlation Between Employee Security Awareness and Cyberattack Vulnerability: A Quantitative Study - UTU Research Portal

A4 Refereed article in a conference publication

Analyzing the Correlation Between Employee Security Awareness and Cyberattack Vulnerability: A Quantitative Study

Authors: Ahmadi, Mostafa; Ramezankhani, Mehdi; Kakavand, Mohsen; Tahir, Mohammad

Editors: Arai, Kohei

Conference name: Future Technologies Conference

Publisher: Springer Nature Switzerland

Publication year: 2024

Journal: Lecture notes in networks and systems

Book title : Proceedings of the Future Technologies Conference (FTC) 2024, Volume 4

Journal name in source: Lecture Notes in Networks and Systems

Volume: 1157

First page : 195

Last page: 211

ISBN: 978-3-031-73127-3

eISBN: 978-3-031-73128-0

ISSN: 2367-3370

eISSN: 2367-3389

DOI: https://doi.org/10.1007/978-3-031-73128-0_13

Web address : https://doi.org/10.1007/978-3-031-73128-0_13

Abstract

The incorporation of digital technologies into organizational operations has become essential in the fast-paced digitalization era, but it has also increased cybersecurity threats. Despite technological progress, human error continues to be a major cause of cybersecurity breaches. This study investigates the connection between cyberattack vulnerability in the digital age and staff security knowledge. Drawing from existing literature, a quantitative research design was employed, involving a structured questionnaire administered to employees across various organizations. Descriptive and inferential statistical analyses were conducted to examine the impact of security knowledge on cyberattack success. The results reveal significant differences between individuals with IT-related job titles, denoted as experts, and non-experts in various cybersecurity domains. Experts demonstrated a consistently cautious approach to security threats, displayed a better understanding of security protocols, and exhibited higher levels of security awareness and training engagement. Additionally, cybersecurity questionnaire results were highly impacted by employment and demographic parameters, highlighting the need to foster cybersecurity awareness among staff members. Future studies should examine how modern technologies affect cybersecurity procedures to develop preventative strategies against constantly changing cyber threats. This study emphasizes how important employee security education is to lower the danger of cyberattacks and how important it is for companies to prioritise cybersecurity awareness and training programs in the ever-evolving digital ecosystem.