Information Technology (IT) Users in Tertiary Education Institutions in Bulawayo, Zimbabwe: Case of Security Awareness

Abstract

Information Technology (IT) expansion exposes organisations in developing countries to IT security risks. Zimbabwe’s tertiary education institutions (TEIs) are not spared. Every year, cyber-attacks increase and become more sophisticated, resulting in losses of personal and financial data for individuals, organisations and governments. As the world is interconnected, small and big organisations share the same internet platform. Therefore, IT security risks that affect one, affect all. When IT users are unaware of the risks and uninformed of ways to protect their IT systems, they remain vulnerable. Like other organisations in Zimbabwe, TEIs are vulnerable to cyber-attacks. The study that directed this article employed a quantitative methodological approach in the collection of the data and its analysis. A sample of 261 respondents was selected from the population of IT users in TEIs in Bulawayo. The results indicated that IT security awareness of IT users in TEIs in Bulawayo is low. This is evidenced by the low IT drivers’ contribution towards building IT users’ security awareness, and inadequate implementation and utilisation of IT security awareness tools. The prevailing phenomenon exposes TEIs in Bulawayo to a high risk of cyber-attacks. The results indicated a positive and significant correlation between IT security drivers’ contribution and IT security awareness tools utilisation in TEIs in Bulawayo. The implication is that an increase in IT security drivers’ contribution and IT security awareness tools utilisation will lead to increased IT security awareness. The study recommends that IT drivers double their contribution towards building IT security awareness through adequate implementation and utilisation of IT security awareness tools. This will safeguard the information that tertiary education institutions generate.