Profiling Student Breach of University ICT Codes of Conduct

What is it about?

The ICT Codes of Conduct are policies governments, organisations, and universities use to protect their IT infrastructure from misuse and cybersecurity threats posed by malicious actors over the network. University students sign various agreements including ICT Codes of Conduct before the commencement of enrolment to act responsibly to use the university’s IT resources and services. Unfortunately, individuals often ignore and have inadequate compliance with these policies posing organisational cybersecurity risks. Therefore, our research aims to understand why individuals are not compliant with ICT Codes of Conduct and predict the breach profiles of the students. We collected 260 students’ responses to five breach/non-breach scenarios pairs using our universities’ ICT Codes of Conduct that are most likely to be breached by the students. We sensitised the participants to five ethical principles: non-maleficence, beneficence, justice, autonomy, and explicability drawn from AI4People’s framework in the cybersecurity context. Our research found that most students could identify breaches in the scenarios. Data modelling found the strength of students’ commitments to appropriate uses of ICT resources and their commitments to ethical principles and knowledge of their university’s ICT Policy. Hence, confirmed the importance of training in ethics, increasing commitment to the institution, and improving knowledge of the ICT policy and appropriate usage of ICT resources.

Featured Image

Photo by Towfiqu barbhuiya on Unsplash

Photo by Towfiqu barbhuiya on Unsplash

Why is it important?

Providing cybersecurity-related ethical training is important to increase students’ compliance with their university's ICT Codes of Conduct to protect themselves and their university’s IT infrastructure from cybersecurity risks.

Perspectives