Search results

1 – 1 of 1
Open Access
Article
Publication date: 12 August 2024

Martina Neri, Elisabetta Benevento, Alessandro Stefanini, Davide Aloini, Federico Niccolini, Annalaura Carducci, Ileana Federigi and Gianluca Dini

Information security awareness (ISA) mainly refers to those aspects that need to be addressed to effectively respond to information security challenges. This research used focus…

Abstract

Purpose

Information security awareness (ISA) mainly refers to those aspects that need to be addressed to effectively respond to information security challenges. This research used focus groups to empirically investigate the main ISA dimensions that emerge from the Italian public health-care sector. This study aims to identify the most critical dimension of ISA and to evaluate the diffusion and maturity of information security policies (ISPs) of health-care infrastructure and training programs.

Design/methodology/approach

This research adopted a qualitative research design and focus groups as a research methodology. Data analysis was conducted using the NVIVO 14 software package and followed the principles of thematic analysis.

Findings

The focus group results highlighted that health-care personnel find it difficult to comply with the main ISA dimensions, a situation that leads to risky behaviors. Password management, data storage and transfer and instant messaging applications emerged as the most critical of the main ISA dimensions in the context of this research. It also transpired that ISPs are not all-encompassing as they mainly focus on privacy problems but neglect security concerns. Finally, training programs are not fully implemented in the investigated context, thus undermining their positive enhancing role for ISA.

Originality/value

The public health-care sector emerged as a critical yet still under-investigated context. The need for an in-depth investigation of organizational sciences approaches to overcoming information security challenges is also recommended in several prior research studies.

Details

Information & Computer Security, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4961

Keywords

Access

Only Open Access

Year

Content type

1 – 1 of 1