Shadab , kalhoro (2024) Integrated sem-neural network approach to improve cybersecurity behaviour through cyber hygiene among employees of software development small and medium-sized enterprises (SMES). PhD thesis, UTAR.
Abstract
In today's digital landscape, organizations heavily rely on information technology to enhance their services, yet this reliance also exposes them to cybersecurity threats. The Fourth Industrial Revolution (IR 4.0) has ushered in opportunities but also challenges, notably the rise of cybercrime. Cyberattacks are escalating globally, affecting diverse sectors, and placing industries at risk. According to recent statistic of Malaysia Computer Emergency Response Team (MyCERT- 2023): 62% of cyber incidents are online fraud, 8.6% is Malicious code, 14% intrusion detection, and 10 % is content related. Taking a deeper dive into the issues Cyber Security Malaysia provided a statistical report in 2023 and observed that a substantial 85.23% of the threat feeds related to Malaysia are occupied by malware concerns. Conversely, the remaining 14.77% encompasses phishing-related elements, including phishing URLs, IP addresses, and domains. Malaysia's Cyber Security Strategy 2020–2024 warns of potential losses amounting to RM 51 billion due to cybersecurity incidents, although the actual figures might be higher due to underreported incidents. Small and Medium-sized Enterprises (SMEs), particularly in software development, are prime targets for cybercriminals. Human behaviour within these organizations often becomes a vulnerability, as employees' lack of awareness and negligence lead to security breaches. Many SMEs lack sufficient investment in cybersecurity, awareness, and robust policies, making them susceptible to attacks. To overcome this issue, good cyber hygiene behaviour and practices can assist in reducing the threats and improve cybersecurity.This research explores the cyber hygiene behaviour of employees in Malaysian software development SMEs and providing the best cyber hygiene practices to keep safe their passwords, information, and defenses against cyberattacks. Utilizing the Theory of Planned Behaviour (TPB), the study investigates the relationship of knowledge sharing, attitudes, subjective norms, perceived behavioural control, threat appraisal, cyber hygiene knowledge, perceived value, cyber trust, personality traits, and intention concerning cyber hygiene behaviour. Hypothetical relationship is developed in this thesis to comprehensively explore cyber hygiene behaviour. As used in this thesis, TPB was supposed to give sufficient information and understanding about end users' intentions towards cyber hygiene. The research adopts a two-step approach, combining Structural Equation Modelling (SEM) and Neural Network (NN) analysis, to analyze the factors shaping cyber hygiene behaviour. The study's quantitative research approach targets Malaysian software development SMEs, focusing on Selangor, Kuala Lumpur, Johor, Perak, and Penang. Data were gathered from employees of SME software enterprises in these regions and analyzed using Smart-PLS and SPSS software. Results indicate that subjective norm, perceived behavioural control, and cyber hygiene knowledge do not significantly impact cyber hygiene intention. However, threat appraisal, perceived cyber hygiene value, cyber trust, and personality traits play significant roles in shaping employees' cyber hygiene intentions, providing comprehensive insights into cyber hygiene behaviour. This study holds critical implications for software development SMEs, emphasizing the need for enhanced knowledge, awareness and behaviour change among employees of Malaysian software development SMEs to mitigate cybersecurity risks. This research has the global COVID-19 pandemic posed challenges in physically collecting data from respondents The limitation of this research involved the difficulty and time-consuming nature of finding suitable respondents during the online data collection process. The absence of physical presence led to challenges in tracking genuine responses, particularly as respondents tend to overlook questionnaires on online platforms this impacting overall data collection efficiency.
Actions (login required)
![[img]](http://eprints.utar.edu.my/style/images/fileicons/application_pdf.png)
