Faculty of Maritime Studies

Rijeka

Electronic and Information Technology in the Maritime

Impact of education on security practices in ICT

Luka Draščić & Leon Luketić

Year of study: 1st year of study

Project supervisor: Professor Božana Knežević & Jasmina Jelčić, MA

Date of submission:

2015 / 2016
Student project – Impact of education on security practices in ICT

Impact of education on security1 practices in information and communication

technology (ICT) is the title of scientific paper that was made by two authors, Atila
Bostan and Ibrahim Akman. Both mr. Bostan and mr. Akman are professors on Atilim
university in Ankara, Turkey and they work in the department of computer
engineering. They were inspired to research the impact of education on security
practies in ICT products because security of informations and data represents a big
issue these days and because there were not many evidences about that subject despite
numerous literature. The main reason for that is because most literature provides
studies on approaches for teaching information security. User security awarness has
been rated as the most vulnerable spot in the security chain. Therefore, this study
investigates only the impact of education level on user security awarness in using ICT
products. This scientific paper was published in Tehnički vjesnik - Technical gazette
in volume 22., number 1 in 2015. Tehnički vjesnik - Technical gazette is magazine
that publishes only scientific and expert works which are from field of mechanical,
electrical or civil engineering but also from other close related fields such as computer
engineering.

Computer networks, for example internet, provide a lot of benefits, such as

developing and enhancing business processes, communication and easy access to
various informations. Therefore, a large number of firms are using computer networks.
However, handling business and sharing informations in a public environment, such as
internet network, brings about security problems. Data needs to be handled in a secure
and trusted way to assure the business confidentiality and privacy. The success of
information systems security depends largely on end-user behavior and awareness.
Members of Turkish Chamber conducted a survey of 23 questions among 466
participants. Respondents were ordinary citizens that belong to different groups in the
society since the survey was conducted in big shopping malls in Ankara and on
different days of the week. Survey of 23 questions were later combined and gave 13
factors which were used in analysis. Questions were about usage patterns in personal-
computer, web and e-mail security and general questions about information
technology. All questions were sorted in three groups: computer usage and security,
web usage and security and e-mail usage and security and therefore are total of 9
alternative hypothesis2. All collected answers from respondents were processed by
using statistical methods such as ANOVA3 and Chi-square4.

1
Security refers to the processes and methods which are designed to protect confidential and private data from
unauthorized access, use, and disruption.
2
Alternative hypothesis is hypothesis used in hypothesis testing that is contrary to the null hypothesis.
3
Analysis of variance is statistical method which is used for comparing variance between groups and variance of
each group.
4
Chi-square is a test method which is used for determinding deviation between observed appearance and
expected appearance (hypothesis). It shows probability of connection between two variables.

1|P age
Student project – Impact of education on security practices in ICT

Chi-square test results between variables age and computer security awareness
indicate significant differences (Chi-square=97,1). This means that it is a very high
probability that age will affect on computer security. Unfortunately, correlation5 is not
given for this connection so we do not know what is the amout of connection between
these variables. Our personal opinions are that this connection was predictable because
ICT is relatively new technology. In this survey elder people are considered people
who are more than 40 years old. We agree with this selection because we believe that
40 years is a lower limit over which people start to adapt more difficult to innovations
in general, and so in ICT innovations. This applies only for people whose profession is
not related with ICT. Of all respondents, 66% reported as unemployed. This includes
students, elderly and simply unemployed people . We think that this group of people
should have been separated and analyzed individually because it could be easily
misunderstood. Public sector employees seem to be less security-aware in all three
categories (computer, web and email). We believe that something should be
undertaken about this question because people who are from public sector are more
vulnerable while using ICT. Authorities of water supply in Istria called „Istarski
vodovod“ have noticed this problem and they started free and mandatory ICT course
for their employees who have more than 40 years. The course was about operating
systems, internet, email and applications programs which are included in Microsoft
Office package. We believe that other public sector organizations should have courses
similar to mentioned one in order to improve usage and security practices in ICT.

In all three categories (computer, web and e-mail) security of using ICT
products, web is identified as the weakest one in each category: gender, age and job
sector. Additionally, test results showed that younger generations use computer more
frequently. Last and the most important bit of information that was shownin the test
results of this survey is that higher levels of education result in higher levels of
computer usage and awareness of computer security, web usage and awareness of web
security and e-mail usage and awareness of e-mail security.

Authors wanted their work to be understandable by a wide range of people so

they did not use strictly vocational vocabulary. However, there are words that are less
used in general English such as: to scrutinize, to fluctuate or proliferation. The most
used grammatical tenses are Present Simple which is used to express facts about ICT
and results. Also, Past Simple is used when authors referred to their research and
methods that were used for conducting their survey. Article was written with
American English and this can be concluded by words „program“ and „behavior“
which come from American English vocabulary.

5
Correlation coefficient shows amount or degree of connection between two variables.

2|P age
Student project – Impact of education on security practices in ICT

This study has done it's main purpose and that was to statistically show that
education, sector of working and age are important factors in ICT usage and security.
Results of this study are supported by studies of Tekerek & Tekerek, Ferguson &
Eyong and many others. They all suggest that information security education should
be put in schools in order to enhance security in digital environments. Our personal
opinions are matching with the opinions of Ferguson and Eyong and that is that
theoretical education without useful practices has a minor contribution on secure usage
of ICT. We believe that people can not prevent unauthorized listening or hacking but
they can make it harder if they are following basic tips such as not using the same
password for every internet service and using more complex passwords. People should
also continuously inform themselves about ICT security so that they can recognize
hacking and report to the authorities. If people would follow mentioned tips they
would be safer while using ICT.

3|P age
Student project – Impact of education on security practices in ICT

References:

[1] A. Bostan, I. Akman, Impact of education on security practices in ICT, 2015.

[2] Alternative Hypothesis, http://mathworld.wolfram.com/AlternativeHypothesis.html
(4.4.2016.)
[3] Analysis of variance, https://en.wikipedia.org/wiki/Analysis_of_variance (19.3.2016.)
[4] B. Petz, Osnove statističke metode za nematematičare, Naklada Slap, 1997.

4|P age