The Impact of Employees Social Media Use on Corporate Cyber Security Posture

Frankline Makokha

doi:https://doi.org/10.59232/CYS-V2I2P101

Research Article | Open Access | Download Full Text

Volume 2 | Issue 2 | Year 2024 | Article Id: CYS-V2I2P101 DOI: https://doi.org/10.59232/CYS-V2I2P101

The Impact of Employees Social Media Use on Corporate Cyber Security Posture

Frankline Makokha

Received	Revised	Accepted	Published
04 Apr 2024	06 May 2024	28 May 2024	12 Jun 2024

Citation

Frankline Makokha. “The Impact of Employees Social Media Use on Corporate Cyber Security Posture.” DS Journal of Cyber Security, vol. 2, no. 2, pp. 1-8, 2024.

Abstract

This paper sought to establish the impact of employee's social media use on the corporate cyber security posture. The behavioural metrics used in the study include the impact of accessing private social media accounts using the same computing tool used for work-related duties, the linkage of personal accounts hacking to consequent successful work systems hacking, the connection of personal devices to corporate systems and the impact of corporate-sponsored training on cyber security posture. The adopted research design involved collection of primary data via a set of questions requirement a yes or no response. The paper used a cross-sectional study as the study design, with a questionnaire as the research method and online administration of the questionnaire as the research technique. The study sample was computed using the Yamane formula, which gave a sample size of 400 participants, from which the response rate to the questionnaires was 62%. An analysis of the responses showed that there is a high correlation between accessing private social media accounts while working using the same computing device with increased chances of corporate cyber attacks. There is also a statistical linkage between an employee’s private email account having been hacked or impersonated, as well as connecting private computing devices to the company’s systems (internet, printers) to execute either official duties or private. Those who reported having been facilitated with cyber security training reported lower cyber attacks on their corporate systems than those who reported having been facilitated with cyber security training by the companies they work for. It is therefore advised that companies deter employees from accessing private social media accounts and executing official duties using the same computing devices, private devices are not connected to corporate systems, and basic cyber security training is facilitated to all employees.

Keywords

Cyber security, Cyber security posture, CIA, Yamane formula, Social media.

References

[1] ITU, Recommendation X.1205: Overview of Cybersecurity, ITU Standard, 2008. [Online]. Available: https://www.itu.int/rec/t-rec-x.1205-200804-i

[2] Ajitabh Ambastha et al., “Implication of Cyber Security in a Digital Economy: Learning from Corporate Sector with Special Reference to BFSI,” Artificial Intelligence for Sustainable Finance and Sustainable Technology, pp. 543-552, 2021.

[CrossRef] [Google Scholar] [Publisher Link]

[3] Sagar Ajay Rahalkar, Certified Ethical Hacker (CEH) Foundation Guide, New York City: Apress, pp. 85-87, 2016.

[CrossRef] [Google Scholar] [Publisher Link]

[4] N.A. Khan, A. Saeed, and M. Yousuf, CEH v10: EC-Council Certified Ethical Hacker Complete Training Guide with Practice Questions & Labs: Exam: 312-50, England: IP Specialist LTD., pp. 46-48, 2018.

[Publisher Link]

[5] Australian Signals Directorate, “The Commonwealth Cyber Security Posture in 2022,” Australian Government, Technical Report, 2022.

[Publisher Link]

[6] K. Graves, CEH: Certified Ethical Hacker Study Guide, Indianapolis, Indiana, Wiley Publishing, Inc, pp. 344-350, 2010.

[Google Scholar]

[7] Intel Security, Mcafee Labs Threats report, 2015. [Online]. Available: https://scadahacker.com/library/Documents/Threat_Intelligence/McAfee%20-%20Threat%20Report%202015-2Q.pdf

[8] Andreea Bendovschi, “Cyber-Attacks – Trends, Patterns and Security Counter-Measures,” Procedia Economics and Finance, vol. 28, pp. 24–31, 2015.

[CrossRef] [Google Scholar] [Publisher Link]

[9] Uchenna Daniel Ani, Hongmei He, and Ashutosh Tiwari, “Human Factor Security: Evaluating the Cybersecurity Capacity of the Industrial Workforce,” Journal of Systems and Information Technology, vol. 21, no. 12, pp. 2-35, 2019.

[CrossRef] [Google Scholar] [Publisher Link]

[10] Ahmed Alghamdi, “A Systematic Review on Human Factors in Cybersecurity,” JIJCSNS International Journal of Computer Science and Network Security, vol. 22, no. 10, pp. 282-290, 2022.

[CrossRef] [Google Scholar] [Publisher Link]

[11] Liu Hua Yeo, and James Banfield, “Human Factors in Electronic Health Records Cybersecurity Breach: An Exploratory Analysis,” Perspect Health Information Management, vol. 19, no. 3, 2022.

[Google Scholar] [Publisher Link]

[12] Edward L. Deci, and Richard M. Ryan, Intrinsic Motivation and Self-Determination in Human Behavior, New York: Springer Nature, 1985.

[CrossRef] [Google Scholar] [Publisher Link]

[13] Mehmet Akif Demircioglu, and Chung-An Chen, “Public Employees’ Use of Social Media: Its Impact on Need Satisfaction and Intrinsic Work Motivation,” Government Information Quarterly, vol. 36, no. 1, pp. 51-60, 1998.

[CrossRef] [Google Scholar] [Publisher Link]

[14] Erdal Ozkaya, “Cybersecurity Challenges in Social Media,” PhD Thesis, Charles Sturt University, Australia, Australia, 2018.

[Google Scholar] [Publisher Link]

[15] Mohit Singhal et al., “Cybersecurity Misinformation Detection on Social Media: Case Studies on Phishing Reports and Zoom’s Threat,” Proceedings of the Seventeenth International AAAI Conference on Web and Social Media, vol. 17, no. 1, pp. 796-807, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[16] Thilagaraj Ramasubbu, and Deepak Raj Rao G., “Vulnerabilities of Social Networking Sites- An Open Attack Vector for Cybercriminals,” Journal of Network and Information Security, vol. 6, no. 1, pp. 12-17, 2018.

[Google Scholar] [Publisher Link]

[17] Talal Alharbi, and Asifa Tassaddiq, “Assessment of Cybersecurity Awareness among Students of Majmaah University,” Big Data Cognitive Computing, vol. 5, no. 2, pp. 1-15, 2021.

[CrossRef] [Google Scholar] [Publisher Link]

[18] Samar Muslah Albladi, and George R.S. Weir, “Predicting Individuals’ Vulnerability to Social Engineering in Social Networks,” Cybersecurity, vol. 3, pp. 1-19, 2020.

[CrossRef] [Google Scholar] [Publisher Link]

[19] Nurul Nuha, and Abdul Molok, “Disclosure of Organizational Information by Employees on Facebook: Looking at the Potential for Information Security Risks,” 22^nd Australasian Conference on Information Systems, vol. 78, pp. 1-11, 2011.

[Google Scholar] [Publisher Link]

[20] Bernhard Debatin et al., “Facebook and Online Privacy: Attitudes, Behaviors, and Unintended Consequences,” Journal of Computer-Mediated Communication, vol. 15, no. 1, pp. 83-108, 2009.

[CrossRef] [Google Scholar] [Publisher Link]

[21] KNBS, “2023 Economic Survey,” Kenya National Bureau of Statistics, Nairobi, Technical Report, pp. 1-510, 2023.

[Publisher Link]

[22] Glenn D. Israel, “Determining Sample Size,” Florida Cooperative Extension Services, Institue of Food and Agricultural Sciences, University of Florida, Gainesville, Fact Sheet POED-6, 1992.

[Google Scholar] [Publisher Link]

[23] Taro Yamane, Statistics: An Introductory Analysis, 2^nd ed., New York: Harper and Row, 1967.

[Google Scholar]

[24] Ranjith Kumar, Research Methodology: A Step by Step Guide for Beginners, 4^th ed., London: Sage, pp. 104-127, 2011.

[Google Scholar] [Publisher Link]

[25] Jack E. Fincham, “Response Rates and Responsiveness for Surveys, Standards, and the Journal,” American Journal of Pharmaceutical Education, vol. 72, no. 2, pp. 1- 4, 2008.

[CrossRef] [Google Scholar] [Publisher Link]

[26] John T.E. Richardson, “Instruments for Obtaining Student Feedback: A Review of the Literature,” Assessment and Evaluation in Higher Education, vol. 30, no. 4, pp. 387-415, 2010.

[CrossRef] [Google Scholar] [Publisher Link]