An Analysis of Cybersecurity Culture Among the Nigerian Academia

Abstract

The aim of this study was to quantitatively analyse the notion of cybersecurity culture among the Nigerian academia in North Central Nigeria. The study sought the perception among the students, academic and administrative staff of the different institutions of higher learning in Nigeria on the existence of cybersecurity culture and information security awareness. The quantitative research adopted a homogeneous sampling method, a procedure of choosing participants with parallel traits was used to select 327 participate from eighteen Nigerian tertiary institutions based in the NorthCentral region of the country. The data was collected to obtain the level of awareness, perception and behavioural traits through the use of an online questionnaire survey tool utilising a five-point Likert scale. Data collected was analysed by comparison of means, Analysis of Variance (ANOVA) and ChiSquare statistics at .05 level of significance using the Statistical Package for the Social Sciences (SPSS) IBM version 20.00. The findings of this research showed that the level of awareness of cybersecurity was very low and the perceived existence of a cybersecurity culture was also weak in the different levels of tertiary educational institutions in North-central Nigeria. It was also found that the behavioural traits of individuals and administrators in the system were not those that will encourage a strong cybersecurity culture in the Nigerian academia. From the responses it was also clear that the management of institutions did not prioritise information security, practices, policies and procedures as a practice in their institutions. The paper recommends that the Nigeria tertiary institutions should enhance their information security culture by implementing comprehensive awareness programs, strengthening policies, prioritizing cybersecurity governance, investing in advanced security infrastructure, fostering security ownership, and promoting research and collaboration to mitigate data breaches and protect sensitive information