AWARENESS OF ICT SECURITY POLICY TO ENSURE DATA PROTECTION IN FORESTRY DEPARTMENT PENINSULAR MALAYSIA

Abstract

The Forestry Department Peninsular Malaysia's (FDPM) ICT Security Policy was developed and implemented in 2012 and reviewed in 2015. This policy aims to take the lead in managing data, hardware, software, network, and ICT security under legal regulations. Amongst the department's responsibilities are to implement data confidentiality, integrity, and availability policies to ensure the continuity of activities and services while mitigating the impact of security incidents. Accidentally, on September 16, 2016, a fire broke out in the FDPM building, causing property damage and document destruction with an estimated loss of RM30 million. Currently, in Malaysia, cybercrime and government data intrusion has become increasingly difficult to combat. Raising public awareness, particularly among officers who serve as service providers and department employees, is therefore critical to address those issues. Therefore, the objectives of this research are to determine the level of awareness of FDPM employees regarding FDPM ICT Security Policy as well as to investigate the factors that influence information security awareness. Inputs from this study were derived from both primary and secondary sources to meet the objectives. Primary data was gathered through surveys where 130 questionnaires were distributed to FDPM headquarters employees at the management, professional, and support team levels. Meanwhile, secondary data was gathered from FDPM annual and management reports, statistical data, journals, reference documents, and the Internet. The findings were analyzed statistically using SPSS. The level of awareness has been determined and an appropriate criterion to improve the level of information security awareness among FDPM employees was recommended which may help for a better understanding of department culture and increase a higher level of security awareness among FDPM employees.