Exploring Libyan Higher Education Institutions Employees’ Information Security Policy Awareness

Abstract

Incidents of data breach in higher education could harm students since the exposure of sensitive student data (e.g., social security numbers) could twist students into victims of identity theft and endanger their identities. Regrettably, while most of the developed countries have standard information security laws apply to higher education institutions, such laws are still in its infant stage in developing countries like Libya. However, there are established policies documented by Libyan authorities to guide employees against information security breach, yet existing higher education institutions’ information security awareness models did not investigate these policies into the awareness programs. Consequently, employees will rely on policies that can subvert the security best practice. This study aimed to explore the level of understanding of Libyan information security policies among employees of higher education institutions. The quantitative technique is applied in this research, 196 employees of Libyan higher education institutions were randomly surveyed to respond to Linker information security policy awareness questionnaire. Using SPSS statistics tools, a descriptive analysis of the data is achieved. The findings of the study revealed that employees of Libyan higher education institutions are much aware of Internet Usage and Workstation security policies.