Empirical study on ICT system´s users´ risky behavior and security awareness

In this study authors gathered information on ICT users from different areas in Croatia with different knowledge, experience, working place, age and gender background in order to examine today´s situation in the Republic of Croatia (n=701) regarding ICT users´ potentially risky behavior and security awareness. To gather all desired data validated Users´ Information Security Awareness Questionnaire (UISAQ) was used. Analysis outcome represent results of ICT users in Croatia regarding 6 subareas (mean of items): Usual risky behavior (x₁=4.52), Personal computer maintenance (x₂=3.18), Borrowing access data (x₃=4.74), Criticism on security in communications (x₄=3.48), Fear of losing data (x₅=2.06), Rating importance of backup (x₆=4.18). In this work comparison between users regarding demographic variables (age, gender, professional qualification, occupation, managing job position and institution category) is given. Maybe the most interesting information is percentage of questioned users that have revealed their password for professional e-mail system (28.8%). This information should alert security experts and security managers in enterprises, government institutions and also schools and faculties. Results of this study should be used to develop solutions and induce actions aiming to increase awareness among Internet users on information security and privacy issues.