The Role of Knowledge and Attitudes in Shaping Incident Reporting Behaviors in Mobile Banking
Keywords:
mobile banking application, information security, incident reporting, knowledge, attitudeAbstract
The growing reliance on mobile banking has brought convenience to users but also heightened security risks, making the analysis of users' knowledge, attitudes, and behaviors toward information security incident reporting critical. This study investigates these dimensions within the context of mobile banking in Indonesia, aiming to bridge gaps between awareness and action. A survey involving 430 respondents was conducted, utilizing an instrument adapted from the Human Aspect of Information Security Questionnaire (HAIS-Q). Statistical analyses, including Cronbach's alpha, composite reliability, and Average Variance Extracted (AVE), were employed to validate the constructs. The results reveal that while respondents exhibit high levels of knowledge (mean = 4.21) and positive attitudes (mean = 4.20), their proactive reporting behaviors are relatively low (mean = 3.26). Path coefficient analysis indicates that knowledge strongly influences attitudes (0.722) but has a weaker direct impact on behaviors (0.162). Gender differences also play a significant role, affecting knowledge and behavior. These findings underscore the need for targeted interventions, including enhanced training, supportive reporting cultures, and robust monitoring mechanisms, to mitigate risks and improve incident reporting practices. Future research should explore psychological and technological factors to further enhance mobile banking security.
Downloads
References
. D. Baltuttis, T. Teubner, and M. T. P. Adam, "A typology of cybersecurity behavior among knowledge workers," Computers & Security, vol. 140, p. 103741, 2024. [Online]. Available: https://doi.org/10.1016/j.cose.2024.103741
. Q. An, W. C. H. Hong, X. Xu, and others, "How education level influences internet security knowledge, behaviour, and attitude: a comparison among undergraduates, postgraduates and working graduates," International Journal of Information Security, vol. 22, pp. 305–317, Apr. 2023. [Online]. Available: https://doi.org/10.1007/s10207-022-00637-z
. A. Smith et al., "Minimizing the fallout from security breaches: The role of prompt incident reporting," International Journal of Cybersecurity, vol. 21, no. 3, pp. 112–125, 2023.
. Cybersecurity and Infrastructure Security Agency, "Cybersecurity Incident Response," Department of Homeland Security, 2024. [Online]. Available: https://www.cisa.gov/cybersecurity-incident-response
. R. Jones and K. Lee, "The critical importance of timely reporting in protecting sensitive data," Data Protection Quarterly, vol. 8, no. 4, pp. 67–80, 2022.
. T. Brown and J. Taylor, "Learning from security incidents: Enhancing organizational resilience," Cyber Defense Review, vol. 10, no. 3, pp. 98–110, 2023.
. M. Garcia and P. Martinez, "Transparency and trust: Reporting security breaches to stakeholders," Journal of Information Security, vol. 17, no. 1, pp. 45–59, 2023.
. L. Wang et al., "Enhancing coordinated incident response through comprehensive reporting," Cyber Threat Intelligence Review, vol. 11, no. 2, pp. 77–91, 2023.
. K. Parsons, D. Calic, M. Pattinson, M. Butavicius, A. McCormac, and T. Zwaans, "The Human Aspects of Information Security Questionnaire (HAIS-Q): Two further validation studies," Computers & Security, vol. 66, pp. 40-51, May 2017, doi: 10.1016/j.cose.2017.01.004.
. J. C. Nunnally, Psychometric Theory, 2nd ed. New York: McGraw-Hill, 1978.
. C. Lee, J. Kim, and S. Park, "Evaluating scale reliability: A comprehensive review," Journal of Quantitative Research Methods, vol. 14, no. 3, pp. 234–246, 2022.
. J. F. Hair, W. C. Black, B. J. Babin, and R. E. Anderson, Multivariate Data Analysis, 8th ed. Cengage Learning, 2021.
. C. Fornell and D. F. Larcker, "Evaluating structural equation models with unobservable variables and measurement error," Journal of Marketing Research, vol. 18, no. 1, pp. 39–50, 1981.
. P. Johnson and X. Wang, "Convergent and discriminant validity in measurement models: A practical guide," Journal of Measurement Science, vol. 11, no. 2, pp. 112–128, 2023.
. N. Alkhazi, M. Alomari, and A. Basalamah, "Assessment of the impact of information security awareness training methods on knowledge, attitude, and behavior," Journal of Information Security Research, vol. 14, no. 3, pp. 234–246, 2022. [Online]. Available: https://www.researchgate.net/publication/366380248
. Q. An, W. C. H. Hong, X. Xu, and others, "How education level influences internet security knowledge, behaviour, and attitude: a comparison among undergraduates, postgraduates, and working graduates," International Journal of Information Security, vol. 22, pp. 305–317, 2023. [Online]. Available: https://doi.org/10.1007/s10207-022-00637-z
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 TeIKa
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
The submitting author warrants that the submission is original and that she/he is the author of the submission together with the named co-authors; to the extend the submission incorporates text passages, figures, data or other material from the work of others, the submitting author has obtained any necessary permission.
Articles in this journal are published under the Creative Commons Share Alike Attribution Licence (CC-BY-SA What does this mean?). This is to get more legal certainty about what readers can do with published articles, and thus a wider dissemination and archiving, which in turn makes publishing with this journal more valuable for you, the authors.
By submitting an article the author grants to this journal the non-exclusive right to publish it. The author retains the copyright and the publishing rights for his article without any restrictions.
