Assessing information security management in Malaysian academic libraries / Roesnita binti Ismail
This research aimed to study the perceived threats of information security, their frequency of occurrence and the perceived main source of information security threats in Malaysian academic libraries. Utilising the relevant literature, a possible list of information security threats were listed and...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Published: |
2012
|
Subjects: | |
Online Access: | http://studentsrepo.um.edu.my/5537/1/roesnita_FSKTM.pdf http://studentsrepo.um.edu.my/5537/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my.um.stud.5537 |
---|---|
record_format |
eprints |
institution |
Universiti Malaya |
building |
UM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Malaya |
content_source |
UM Student Repository |
url_provider |
http://studentsrepo.um.edu.my/ |
topic |
Z665 Library Science. Information Science |
spellingShingle |
Z665 Library Science. Information Science Ismail, Roesnita Assessing information security management in Malaysian academic libraries / Roesnita binti Ismail |
description |
This research aimed to study the perceived threats of information security, their frequency of occurrence and the perceived main source of information security threats
in Malaysian academic libraries. Utilising the relevant literature, a possible list of information security threats were listed and investigated. In addition, the researcher also studied the levels of implementation of information security measures in these academic libraries. The information security measures were grouped into five (5) components that represent the proposed library information security assessment model (LISAM). The five (5) components included the technological measures, information security policies, security procedures, security methods and security awareness creation activities. The researcher also studied the differences between the academic libraries in applying information security measures based on the type of university, number of staff, years in ICT adoption, yearly information security budget, availability of information system (IS) security staff and availability of wireless connection. Data used was based on structured questionnaires collected from a total of 39 individuals who were responsible for the information systems (IS) or information technology (IT) in academic libraries in
Malaysia. The pilot test and the actual data collection indicated all the five components in the instruments are reliable with cronbach alpha correlation coefficients above α = 0.60. Findings revealed that hardware security threats (70.0%), human-related threats (66.0%) and environmental threats (51.0%) were perceived as the most common
information security threats in Malaysian academic libraries. However, data security threat was perceived as the least threatening to these academic libraries. There were slightly high frequencies of occurrence of hardware maintenance errors, use of unauthorised hardware and malicious code attacks in these academic libraries. Parallel
with the existing research findings, hardware and software failures (56.4%) as well as human-related threats (41.0%) were perceived as the main root causes of information
security incidents in these academic libraries. Most of technological measures for hardware, software, workstation, network, server, data and environmental security have
been implemented and reviewed on regular basis in these academic libraries. This study found significant differences among academic libraries in Malaysia in applying technological measures due to yearly information system’s security budget and availability of information systems (IS) security staff. However, most of information
security procedures, information security administrative tools and information security awareness creation were rated at Level 2 (Only some part of measures have been
implemented), these findings were discouraging as rating of Level 4 (Implemented and reviewed on regular basis) and Level 5 (Fully implemented and recognised as good example for other libraries) would be better reflection of a well implemented organisational measures in libraries. This study found significant differences among academic libraries in Malaysia in applying the organisational measures due to number of staff, yearly information system security budget and availability of information system (IS) security staff. With regard to the overall security status of information security management in Malaysian academic libraries based on the proposed information security assessment tool for libraries, findings revealed that half of those academic libraries (55.3%) surveyed have good practice of technological security measures but require improvement on organisational measures. This may be due to the over-emphasis on technology as the sole solution to information security problems in these academic libraries. Therefore, it is necessary to put organisational measures in
place as relying on technology alone will not solve the information security problems effectively. |
format |
Thesis |
author |
Ismail, Roesnita |
author_facet |
Ismail, Roesnita |
author_sort |
Ismail, Roesnita |
title |
Assessing information security management in Malaysian academic libraries / Roesnita binti Ismail |
title_short |
Assessing information security management in Malaysian academic libraries / Roesnita binti Ismail |
title_full |
Assessing information security management in Malaysian academic libraries / Roesnita binti Ismail |
title_fullStr |
Assessing information security management in Malaysian academic libraries / Roesnita binti Ismail |
title_full_unstemmed |
Assessing information security management in Malaysian academic libraries / Roesnita binti Ismail |
title_sort |
assessing information security management in malaysian academic libraries / roesnita binti ismail |
publishDate |
2012 |
url |
http://studentsrepo.um.edu.my/5537/1/roesnita_FSKTM.pdf http://studentsrepo.um.edu.my/5537/ |
_version_ |
1738505802404069376 |
spelling |
my.um.stud.55372015-06-12T02:51:16Z Assessing information security management in Malaysian academic libraries / Roesnita binti Ismail Ismail, Roesnita Z665 Library Science. Information Science This research aimed to study the perceived threats of information security, their frequency of occurrence and the perceived main source of information security threats in Malaysian academic libraries. Utilising the relevant literature, a possible list of information security threats were listed and investigated. In addition, the researcher also studied the levels of implementation of information security measures in these academic libraries. The information security measures were grouped into five (5) components that represent the proposed library information security assessment model (LISAM). The five (5) components included the technological measures, information security policies, security procedures, security methods and security awareness creation activities. The researcher also studied the differences between the academic libraries in applying information security measures based on the type of university, number of staff, years in ICT adoption, yearly information security budget, availability of information system (IS) security staff and availability of wireless connection. Data used was based on structured questionnaires collected from a total of 39 individuals who were responsible for the information systems (IS) or information technology (IT) in academic libraries in Malaysia. The pilot test and the actual data collection indicated all the five components in the instruments are reliable with cronbach alpha correlation coefficients above α = 0.60. Findings revealed that hardware security threats (70.0%), human-related threats (66.0%) and environmental threats (51.0%) were perceived as the most common information security threats in Malaysian academic libraries. However, data security threat was perceived as the least threatening to these academic libraries. There were slightly high frequencies of occurrence of hardware maintenance errors, use of unauthorised hardware and malicious code attacks in these academic libraries. Parallel with the existing research findings, hardware and software failures (56.4%) as well as human-related threats (41.0%) were perceived as the main root causes of information security incidents in these academic libraries. Most of technological measures for hardware, software, workstation, network, server, data and environmental security have been implemented and reviewed on regular basis in these academic libraries. This study found significant differences among academic libraries in Malaysia in applying technological measures due to yearly information system’s security budget and availability of information systems (IS) security staff. However, most of information security procedures, information security administrative tools and information security awareness creation were rated at Level 2 (Only some part of measures have been implemented), these findings were discouraging as rating of Level 4 (Implemented and reviewed on regular basis) and Level 5 (Fully implemented and recognised as good example for other libraries) would be better reflection of a well implemented organisational measures in libraries. This study found significant differences among academic libraries in Malaysia in applying the organisational measures due to number of staff, yearly information system security budget and availability of information system (IS) security staff. With regard to the overall security status of information security management in Malaysian academic libraries based on the proposed information security assessment tool for libraries, findings revealed that half of those academic libraries (55.3%) surveyed have good practice of technological security measures but require improvement on organisational measures. This may be due to the over-emphasis on technology as the sole solution to information security problems in these academic libraries. Therefore, it is necessary to put organisational measures in place as relying on technology alone will not solve the information security problems effectively. 2012 Thesis NonPeerReviewed application/pdf http://studentsrepo.um.edu.my/5537/1/roesnita_FSKTM.pdf Ismail, Roesnita (2012) Assessing information security management in Malaysian academic libraries / Roesnita binti Ismail. PhD thesis, University of Malaya. http://studentsrepo.um.edu.my/5537/ |
score |
13.211869 |