This research investigates the effects of people’s mental modal of cybersecurity on their security behaviour. Data were collected using survey design and the questions were measured on a Likert five point-scale. The questionnaires were distributed to mainly IT staff, management staff and other staff that uses computers in the discharge of their duties. The data were analysed using percentages, frequencies and statistical methods of regression and ANOVA while Cronbach Alpha reliability coefficient technique was adopted to test the validity of the questions used to collect primary data. The result reveals that people’s prior knowledge of cybersecurity issues has no effect on people’s mental models for improved cybersecurity behaviour, but lack of trained staff (cyber talents), lack of supportive infrastructures, time constraints, exclusion of cybersecurity in non-computing courses, poor knowledge of fundamental computing areas, lack of mentors with hands-on experience, lack of cyber training or challenge programme, and inadequate books on cyber security were admitted by the participants as some of the major factors that inhibit their knowledge and engagement in cybersecurity education. These barriers if not checked could limit the level of cybersecurity awareness among undergraduate students.
REGULATIONS OR LEGISLATION FOR DATA PROTECTION IN NIGERIA? A CALL FOR A CLEAR LEGISLATIVE FRAMEWORK (Published)
Personal information or personally identifiable data is a subject that people have become aware of the need to protect. And the challenge of legislating for data protection in today’s world is that which many nations have taken seriously. Nigeria as a developing nation appears not to be left out of this as the NITDA has released a set of guidelines in this regard as a means to offer some protection. This article examines legislations on the Nigerian landscape that resemble data protection legislation like the Official Secrets Act, the Freedom of Information Act and the most recent NITDA Draft Guidelines for data protection with a view to show the adequacy or otherwise. The guidelines were examined in some detail. The paper summarily compares the present landscape with the European Union standard and concludes that Nigeria does not have adequate data protection legislation. The paper concludes that strong legislation is desirable to protect personal data in Nigeria.