Evaluation of employees’ cybersecurity awareness at legal parastatal organisation

Abstract

As is the case with many organisations worldwide, both private and public, legal parastatal organisation is growing increasingly reliant on information technology and the internet. The potential risk of cyber-attacks that a contemporary organisation like legal parastatal organisation faces needs a thorough assessment of their employees’ awareness of cyber security in order to establish the cybersecurity measures that are consistent with evolving corporate experience. The goal of this study was to determine the level of cybersecurity awareness among employees at a legal parastatal organisation, as well as the impact of cybersecurity awareness on the risk management systems of the organization. Understanding variables impacting cybersecurity awareness and analysing the impact of cybersecurity awareness on risk management systems at legal parastatal organisations were the study's secondary aims. The final goal was to provide credible recommendations for future efforts to increase cybersecurity awareness. Employee cybersecurity awareness and the most prominent cybersecurity vulnerabilities were studied in the literature review. The chapter evaluates the influence of cybersecurity awareness on risk management systems and concludes by discussing strategies for enhancing cybersecurity awareness. A total of 550 employees from the organisation participated in this cross-sectional study. The study adopted a quantitative research approach, using an online survey instrument to collect data. The data was analysed using the IBM SPSS Statistic software, version 28.0.0.0 (190). The study's objectives were accomplished through the use of descriptive statistics, correlation, and multiple regression analysis. According to the results of the analysis, legal parastatal organisation has a high level of cybersecurity awareness as well as effective risk management practices. Moreover, correlation analysis showed that there is a positive correlation between cybersecurity awareness and risk management practices. In addition, multiple regression analysis revealed that the level of cybersecurity at the legal parastatal organisation could be used to predict the level of risk management in the organisation. The implication of these results is that organisations can improve risk management systems by focusing on improving risk management practices. Several strategies can be used to improve cybersecurity awareness. These include the development and implementation of cybersecurity awareness policies and procedures for employees, as well as the training and development of personnel in risk management. One of the limitations of the study is its delimitations, which means that the only focus of this study was cybersecurity awareness as a predicting factor for risk management. However, risk management is a complex phenomenon that is caused by several factors other than cybersecurity awareness, such as organisational culture and the type of organisation (public or private). These factors were not considered in this study. Future researchers may wish to focus on some of them to build on the results of this study.