| dc.description.abstract | Information Security awareness initiatives are seen as critical to any information security
programme. Organizations are highly dependent on information management and processes and
this creates a level of security alert. Statistics show that most security breaches are the result of
insider misconduct, as opposed to hacking by outsiders. Often this insider misconduct is the
result of ignorance rather than malfeasance. (Rhodes, 2015)
It is therefore important to train users on the importance of information security and follow the
policies that are in place to protect that data from theft, loss or damage. This training creates
another level of defense for an organization.
The research problem was that despite the fact that NSE conducted information security
awareness programs to its users; there was lack of a model to measure whether the information
security awareness was at an acceptable level on its users. This was deemed to be the weakest
link in this security control measure.
The objectives of this research were to; establish techniques used to impart information systems
security awareness and their effectiveness and also to establish the extent to which NSE measure
their information systems security awareness levels.
However, the main question was how to determine the effectiveness of these awareness
initiatives. Does awareness training have a direct influence on the security behavior of
individuals, and what is the direct benefit of awareness training?
The research presented a theory-based literature review of the approaches used within Nairobi
Stock Exchange Automated Trading System users‘ on information security awareness. And to
what extent does information security awareness training influence information security
behavior?
From the validations, it can be stated that the study was a success. Further study on the field is
highly encouraged to explore other possibilities in this field of Information Security awareness. | en_US |
