Abstract:
Finding more sophisticated and effective solutions to protect data and information systems against advanced security threat is essential in both theory and practice. Technologies and laws are evolved to have more useful, robust and smarter protection methods. Also, researchers investigate human element of information security to measure people’s behavior and security awareness level. In this study, whether employees are capable to be a part of information security protection in their companies is investigated. Firstly, effect of information security familiarity on security incident awareness is discussed, then how security incident awareness affects security behavior is attempted to analyze. Implications of this study can help to improve employees’ behavior without any distinction between professions as well as information security awareness education and training programs. For this purpose, detailed literature review has been conducted and research model has been developed. Primary data source of this study is a survey. In order to develop questions for the survey, security experts’ opinion has been consulted besides literature studies. An online survey has been conducted on employees who work in companies located in Turkey. Totally 315 responses have been used to conduct analyses which have been applied to test five hypotheses proposed in this study.
