The Last Line of Defense
Information Security Awareness in the Age of Digital Organizations
Abstract
The continuous expansion of digital threats poses new challenges for economic organizations, while it becomes increasingly evident that information security is not solely a technological issue, but also a human and organizational concern. This study focuses on examining the level of information security awareness among Hungarian employees, with particular emphasis on the factors that influence security-conscious behavior.
The empirical basis of the research was a questionnaire survey, in which the responses of 525 individuals were analyzed using statistical methods. Awareness levels were evaluated according to age, educational attainment, and workplace context.
The findings reveal significant disparities in information security awareness across various social and organizational groups. While some respondents exhibit a low level of preparedness against common threats, others demonstrate the integration of secure behavioral practices. Organizational size, workplace culture, and the structure of training and education programs all play a critical role in shaping awareness. The study highlights that cybersecurity is not merely a matter of tools and protocols: sustainable protection lies in human behavior, not solely in algorithms—especially in an era where the rise of artificial intelligence elevates the ethical, legal, and societal dimensions of information security to unprecedented levels.
References
2013. évi L. törvény az állami és önkormányzati szervek elektronikus információ-biztonságáról. (2013). https://mkogy.jogtar.hu/jogszabaly?docid=a1300050.TV
2024. évi LXIX. törvény Magyarország kiberbiztonságáról. (2024). https://mkogy.jogtar.hu/jogszabaly?docid=A2400069.TV
Ackoff, R. (1989). From Data to Wisdom. Journal of Applied Systems Analysis, 16, 3-9. University of Lancaster.
Alboqami, H. (2023). Factors Affecting Consumers Adoption of AI-Based Chatbots: The Role of Anthropomorphism. American Journal of Industrial and Business Management, 13(4), 195. https://doi.org/10.4236/ajibm.2023.134014
Al-Zahrani, A. M. (2024). Unveiling the shadows: Beyond the hype of AI in education. Heliyon, 10(9). https://doi.org/10.1016/j.heliyon.2024.e30696
Calvano, M., Curci, A., Desolda, G., Esposito, A., Lanzilotti, R., & Piccinno, A. (2025). Building Symbiotic AI: Reviewing the AI Act for a Human-Centred, Principle-Based Framework. https://doi.org/10.48550/ARXIV.2501.08046
Christen, M., Blumer, H., Hauser, C., & Huppenbauer, M. (2019). The Ethics of Big Data Applications in the Consumer Sector. In Springer eBooks (p. 161). Springer Nature. https://doi.org/10.1007/978-3-030-11821-1_10
Copeland, B. J (szerk.) (2004): The Essential Turing Seminal Writingsin Compu-ting, Logic, Philosophy, Artificial Intelligence, and Artificial Life plus The Secrets of Enigma. Oxford University Press
Cordero, J., Barba-Guamán, L., & Guamán, F. (2022). Use of chatbots for customer service in MSMEs. Applied Computing and Informatics. https://doi.org/10.1108/aci-06-2022-0148
Cox, S. R., Lee, Y., & Ooi, W. T. (2023). Comparing How a Chatbot References User Utterances from Previous Chatting Sessions: An Investigation of Users’ Privacy Concerns and Perceptions. 105. https://doi.org/10.1145/3623809.3623875
Darwin, V., & Nkongolo, M. (2023). Data Protection for Data Privacy-A South African Problem? arXiv (Cornell University). https://doi.org/10.48550/arxiv.2306.09934
Davenport, T. H., & Prusak, L. (2001). Tudásmenedzsment. Kossuth Kiadó
Digital Economy and Society Index (DESI). (2022) Európai Bizottság. https://digital-strategy.ec.europa.eu/hu/library/digital-economy-and-society-index-desi-2022 (utolsó hozzáférés: 2025.06.30.)
Drljača, D., & Latinović, B. (2017). Audit in public administration’s information systems – External or internal? IOP Conference Series Materials Science and Engineering, 200, 12026. https://doi.org/10.1088/1757-899x/200/1/012026
Gémes Cs. (2017. december). Az információbiztonság alapkérdései, Hadmérnök, 12(4), 128-137.
Guan, H., Dong, L., & Zhao, A. (2022). Ethical Risk Factors and Mechanisms in Artificial Intelligence Decision Making. Behavioral Sciences, 12(9), 343. https://doi.org/10.3390/bs12090343
Hand, D. J. (2018). Aspects of Data Ethics in a Changing World: Where Are We Now? [Review of Aspects of Data Ethics in a Changing World: Where Are We Now?]. Big Data, 6(3), 176. Mary Ann Liebert, Inc. https://doi.org/10.1089/big.2018.0083
Helbing, D. (2013). From Technology-Driven Society to Socially Oriented Technology. The Future of Information Society -- Alternatives to Surveillance. arXiv (Cornell University). https://doi.org/10.48550/arxiv.1307.2397
Hermann, E. (2021). Leveraging Artificial Intelligence in Marketing for Social Good—An Ethical Perspective. Journal of Business Ethics, 179(1), 43. https://doi.org/10.1007/s10551-021-04843-y
Hernández, E. (2024). Towards an Ethical and Inclusive Implementation of Artificial Intelligence in Organizations: A Multidimensional Framework. arXiv (Cornell University). https://doi.org/10.48550/arxiv.2405.01697
Huang, L. (2023). Ethics of Artificial Intelligence in Education: Student Privacy and Data Protection. Science Insights Education Frontiers, 16(2), 2577. https://doi.org/10.15354/sief.23.re202
Huang, M., & Rust, R. T. (2020). A strategic framework for artificial intelligence in marketing. Journal of the Academy of Marketing Science, 49(1), 30. https://doi.org/10.1007/s11747-020-00749-9
Illésy M., Nemeslaki A., & Som Z. (2014). Elektronikus információbiztonság tudatosság a magyar közigazgatásban. Információs Társadalom, XIV, 1. szám. 52-73.
ISACA. (2013). ISACA magyar szakkifejezés-gyűjtemény.
Jacobs J., Haney J., & Furman S. (2022). Measuring the Effectiveness of U.S. Government Security Awareness Programs: A Mixed-Methods Study (Short Paper). Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022) 8th Workshop on Security Information Workers (WSIW 2022).
Koltay T. (2008. augusztus). A bölcsesség hierarchiája: az adat-, információ-, tudás-, bölcsességhierarchia reprezentációi, Tudományos és Műszaki Tájékoztatás, 55(8), 2008.
Kovács L., & Krasznay Cs. (2010). Digitális Mohács. Nemzet és biztonság, 3., 44-56.
Kruger, H. A., & Kearney, W. D. (2006). A prototype for assessing information security awareness. Computer & Security, 25, 289-296, Elsevier BV. https://doi.org/10.1016/j.cose.2006.02.008
Kubaisi, A. A. S. H. A. (2024). Ethics of Artificial Intelligence a Purposeful and Foundational Study in Light of the Sunnah of Prophet Muhammad. Religions, 15(11), 1300. https://doi.org/10.3390/rel15111300
Larsson, S. (2018). Algorithmic governance and the need for consumer empowerment in data-driven markets. Internet Policy Review, 7(2). https://doi.org/10.14763/2018.2.791
Latham, A., & Goltz, N. (2019). A Survey of the General Public’s Views on the Ethics of Using AI in Education. In Lecture notes in computer science (p. 194). Springer Science+Business Media. https://doi.org/10.1007/978-3-030-23204-7_17
Lee, R.-W., Choi, S.-H., & Hu, S.-H. (2023). Effect of temporal distance and goal type on predictions of future information security: Focus on moderation of self-efficacy and social responsibility. Acta Psychologica, 238. Elsevier BV. https://doi.org/10.1016/j.actpsy.2023.103990
Liu, F. (2020). A Statistical Overview on Data Privacy. arXiv (Cornell University). https://doi.org/10.48550/arxiv.2007.00765
Lou, C., Kang, H., & Tse, C. H. (2021). Bots vs. humans: how schema congruity, contingency-based interactivity, and sympathy influence consumer perceptions and patronage intentions. International Journal of Advertising, 41(4), 655. https://doi.org/10.1080/02650487.2021.1951510
Métayer, D. L., Danezis, G., Hansen, M., Hoepman, J.-H., Tirtea, R., Schiffner, S., & Domingo‐Ferrer, J. (2015). Privacy and Data Protection by Design - from policy to engineering. arXiv (Cornell University). https://doi.org/10.48550/arxiv.1501.03726
Mitnick, K.D., & Simon, W. L. (2003). The Art of Deception: Controlling the Human Element of Security. Wiley Publishing.
Muha L. (2008). Az informatikai biztonság egy lehetséges rendszertana. Bolyai szemle, 17(4), 137-156.
Munk S. (2008). Információbiztonság vs. informatikai biztonság. Hadmérnök, 1-21.
Naik, N., Hameed, B. M. Z., Shetty, D. K., Swain, D., Shah, M., Paul, R., Aggarwal, K., Ibrahim, S., Patil, V., Smriti, K., Shetty, S., Prasad, B., Chłosta, P., & Somani, B. (2022). Legal and Ethical Consideration in Artificial Intelligence in Healthcare: Who Takes Responsibility? [Review of Legal and Ethical Consideration in Artificial Intelligence in Healthcare: Who Takes Responsibility?]. Frontiers in Surgery, 9. Frontiers Media. https://doi.org/10.3389/fsurg.2022.862322
Nazarov, А., Nazarov, D., & Kovtun D. (2021). Information security of territorial stability. E3S Web of Conferences, 291, 3018. https://doi.org/10.1051/e3sconf/202129103018
Olorunfemi, O. L., Amoo, O. O., Atadoga, A., Fayayola, O. A., Abrahams, T. O., & Shoetan, P. O. (2024). Towards A Conceptual Framework For Ethical Ai Development In It Systems. Computer Science & IT Research Journal, 5(3), 616. https://doi.org/10.51594/csitrj.v5i3.910
Pereira, F., Correia, R., Pinho, P., Lopes, S. I., & Carvalho, N. B. (2020). Challenges in Resource-Constrained IoT Devices: Energy and Communication as Critical Success Factors for Future IoT Deployment [Review of Challenges in Resource-Constrained IoT Devices: Energy and Communication as Critical Success Factors for Future IoT Deployment]. Sensors, 20(22), 6420. Multidisciplinary Digital Publishing Institute. https://doi.org/10.3390/s20226420
Pusztahelyi, R. (2021). Towards a European AI liability system. Multidiszciplináris Tudományok, 11(5), 317. https://doi.org/10.35925/j.multi.2021.5.35
Radziwill, N., & Benton, M. C. (2017). Evaluating Quality of Chatbots and Intelligent Conversational Agents. arXiv (Cornell University). https://doi.org/10.48550/arxiv.1704.04579
Rooy, D. V., & Bus, J. C. P. (2010). Trust and privacy in the future internet—a research perspective. Identity in the Information Society, 3(2), 397. https://doi.org/10.1007/s12394-010-0058-7
Rowley, J. (2007). The wisdom hierarchy: representations of the DIKW hierarchy. Journal of Information Science, 33 (2), 163-180.
SANS (2023). Security Awareness Report, Managing Human Risk., [Éves jelentés].
Schaik, P. van, Jeske, D., Onibokun, J., Coventry, L., Jansen, J., & Kusev, P. (2017). Risk perceptions of cyber-security and precautionary behaviour. Computers in Human Behavior, 75, 547. https://doi.org/10.1016/j.chb.2017.05.038
Schlienger, T., & Teufel S. (2003). Information security culture - From analysis to change. South African Computer Journal, 46–52
Shehu, V. P., & Shehu, V. (2023). Human rights in the technology era – Protection of data rights. Deleted Journal, 7(2), 1. https://doi.org/10.2478/ejels-2023-0001
T.S. Eliot, The Rock (Faber & Faber, London, 1934)
Tarján G. (2020). Az információbiztonsági tudatosság érettségi szintjének mérése szervezetekben [Doktori értekezés]. Budapesti Corvinus Egyetem
Vágány P. (2023). A leggyengébb láncszem vagy az utolsó védvonal? – Informá-cióbiztonság tudatosság gazdálkodó szervezeteknél, METU, 2023 (diplomadolgozat)
Vágány, P. (2024). Ne legyen áldozat! Néhány gondolat az információbiztonságról. Mezőgazdasági Technika, 2024 április, pp 38-40
Weydner-Volkmann, S. (2023). Using Open, Public Data for Security Provision: Ethical Perspectives on Risk-Based Border Checks in the EU. European Journal for Security Research, 8, 25. https://doi.org/10.1007/s41125-023-00092-4
Wilson, M., & Hash, J. (2003). Building an Information Technology Security Awareness and Training Program. National Institute of Standards and Technology. https://doi.org/10.6028/nist.sp.800-50
Zeleny, M. (1987). Management support systems: Towards integrated knowledge management, Human Systems Management, 7(1), 59–70.
