Effectiveness of Information Security Awareness Strategies Used by Financial Institutions to the Customers

Abstract

The study examined the effectiveness of financial institutions' information security awareness- building strategies to their customers in commercial banks in Arusha city. The study had three specific objectives: (i) to identify the information security awareness strategies used by financial institutions, (ii) to examine information security awareness levels among customers of financial institutions and (iii) to determine the effectiveness of each information security awareness strategy used by financial institutions. The sample was selected using a stratified and convenient way. Structured questionnaires were used to collect primary data from respondents. Data were analysed using descriptive statistics. Findings indicated that financial institutions have a myriad of strategies to disseminate information security awareness. Moreover, using ICT, especially social media, has made disseminating information security awareness easy. It was also revealed that the use of email alerts as a strategy of information security awareness was not among the strategies used by financial institutions because some of the customers have no email addresses and some who do are not using them regularly; thus, it was not a suitable strategy for information sharing. The study further found that the level of information security awareness among customers was high with the mean score of 3.51, 3.74, 4.03 and 3.96 respectively. It was further found that the information security awareness strategy used by financial institutions was effective in making sure that customers are given awareness on information security and that even though the information security awareness strategy used by financial institutions was effective in making sure that customers are given awareness on information security, they were not regularly conducted thus increasing the risks. The study recommends that financial institutions review their information security awareness strategies to maintain only those that are useful and only those that can be effective in raising information security awareness including the use of social media that are commonly used among customers. The study further recommends that the information institutions should see how best they raise information security awareness among customers because banks use different strategies to raise information security awareness among customers, some customers still become victims of information security risks. Moreover, the study recommends that financial institutions see the possibility of conducting information security awareness strategies regularly because, even though the information security awareness strategies used by financial institutions were effective in making sure that customers are given awareness on information security, they were not regularly conducted thus increasing