Behavioral Security: Investigating the Attitude of Nursing Students Toward Security Concepts and Practices

Introduction

In today’s knowledge-based economy, Information and Communication Technology (ICT) is no longer an optional ‘add-on’ or a ‘nice to have’ supporting tool for existing organizational practices. Instead, it tends to be a necessity for every organization that struggles to remain competitive in its corresponding marketplace and expand its scope of business influence. The same necessity applies not only to business-oriented organizations, but to every institutional entity that provides services of any kind. This evolution of ICT in organizations acts as a framework for promoting the quality of services provided, and consequently achieving operational excellence.

Despite the obvious direct and indirect advantages, there are also several security related concerns in current information-oriented organizations (Herath & Rao, 2009). Ensuring information integrity requires continuous monitoring and the protection of information assets is a first class priority within modern organizational structures. Information Systems (IS) are playing a key role in information security, as they are the actual medium for data handling (Ng & Xu, 2007). With regards to IS software applications, they are mainly classified either as “preventive/protective” or “beneficial”, depending on their operational use (Chenoweth, Minch, & Gattiker, 2009; Dinev & Hu, 2005). Typical examples of beneficial applications include word processing, spreadsheets and other similar software. On the contrary, preventive software includes a diversity of applications that provide protection over certain types of threats (Chenoweth et al., 2009; Dinev & Hu, 2005). Typical examples of such software include firewalls, intrusion prevention or detection systems, anti malware (ad-aware, spyware, virus, worm, etc.) software and other.