Volume 10, Issue 2 (2022)
Health Educ Health Promot 2022, 10(2): 369-375 |
Back to browse issues page
Download citation:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
Ali Alferjanya M, Musaed Al-mwald M, Alias R. The Effect of Cyber Security Knowledge on Employees’ Personal Growth: An Empirical Study in Private Hospitals in Libya and Yemen. Health Educ Health Promot 2022; 10 (2) :369-375
URL: http://hehp.modares.ac.ir/article-5-61748-en.html
URL: http://hehp.modares.ac.ir/article-5-61748-en.html
1- College of Graduated Studies, Universti Tenaga National, Putrajaya, Malaysia
2- College of Computing and Informatics, Universti Tenaga National, Putrajaya, Malaysia
3- Graduate Business School, Universiti Tenaga National, Putrajaya, Malaysia
2- College of Computing and Informatics, Universti Tenaga National, Putrajaya, Malaysia
3- Graduate Business School, Universiti Tenaga National, Putrajaya, Malaysia
Keywords: Cybersecurity [MeSH], Knowledge [MeSH], Engineering [MeSH], Patient Generated Health Data [MeSH]
Full-Text [PDF 737 kb]
(828 Downloads)
| Abstract (HTML) (785 Views)
Full-Text: (672 Views)
Introduction
Personal growth is seen as a change within an individual that is affective, cognitive, or behavioral, and is typically, believed of as positive, making the employee even complete and truly functional [1]. Personal growth tends to be identified as the life-long cycle of enhancing individual's identity and self-awareness, learning skills, and creating human resources to eventually improve individual's success at work and quality of life [2, 3], indicates to the approaches and strategies that promote human growth at the personal level. Maslow’s theory highlighted that an individual has five fundamentals needs, which are Physiological, Security needs, Affiliation needs, Esteem needs and on the top Self-actualization needs which involve recognizing ones` full potential or self-development and personal growth [3].
Personal growth has been mentioned in the six variables of psychological well-being defined by the proposed model of Carol Ryff, besides autonomy, environmental mastery, supportive relationships with colleagues, meaning in life, and self-acceptance. She established three major axes of personal growth: power, awareness, and self-development [4]. Nowadays, personal growth has been achieved widely through workshops, social interactions, work coaching, learning programmes, and techniques for time-management [5, 6]. According to the World Health Organization's (WHO) technical series on primary health care, information, and communication technology (ICT) is becoming more prevalent in the healthcare industry. With the introduction of smartphones, tablets, and laptop computers, digital technologies for health have impacted how health services are delivered and operated [7]. Furthermore, with the ongoing COVID-19 pandemic, the adoption rate of such technologies has been expedited. Therefore, cybersecurity is increasingly becoming a prominent concern among healthcare providers adopting digital technologies to improve patient quality of care.
The recent reports on cyberattacks, such as ransomware, and WannaCry, have brought to life the destructive nature of such attacks upon healthcare. In addition to cyberattacks, which have been targeted against the vulnerabilities of information technology infrastructures, a new form of cyberattack aims to exploit human vulnerabilities; such attacks are categorized as "social engineering attacks." Healthcare is particularly attractive to cybercriminals because of its data-rich nature, critical use-cases, and multiple access points [8]. Additionally, healthcare data is more valuable on the dark web [9]. The sector is believed to have the financial muscle to pay for cyber criminals' attacks such as ransomware. Notable cases include the German hospital hacks [10], which resulted in a patient's death, and the unauthorized access to some medical records in Finland [11], in which the hackers’ demanded ransoms from each of the patients involved. While the mode of entry was not specified in these incidents, most of these attacks resulted from human elements. To this end, strengthening the healthcare workforce, colloquially referred to as the human firewall, is necessary to complement technical information security solutions. As a result, numerous comprehensive studies have been conducted to recognize the critical role of human factors in cyber security incidents [12-14].
The main objective of this empirical paper was to outline the positive effect of cyber security knowledge (CSK) on employees' personal growth in private hospitals in Libya and Yemen, highlighting the disparity between current healthcare security practices and the required security practices specified in the information security policy. In addition, the healthcare sector's security gaps and risky practices were examined. In order to improve employees’ personal growth, develop them in a scientific and thoughtful manner, and prevent competitors from obtaining their expertise and knowledge, the organization is required to pay attention to the CSK which considered to be one of the riskiest threats in today’s business world [15]. Therefore, this study aimed to explore if there is an effect of CSK (proactive, reactive, and active) on employees’ personal growth (growth mindset, metacognition, and self-authorship) in private hospitals in Libya and Yemen.
Although the education field is mainly concentrated on planning for individual's career as a guide for personal growth (PG), scholars find out PG within workplace is rather a term of workers’ capacity and agency to deal with, shape and appropriate their situation. This is why the structure of strengths intervention has recently been investigated as a means to improve feelings of skill, productivity and superiority in workers to encourage PG [16], with an immediate influence on general self-effectiveness and an indirect impact on PG.
Le Cunff [1], indicated that Personal growth is consists of three basic constructs which are: Growth mindset, Metacognition, and Self-Authorship. Growth mindset which can be identified as the belief that basic abilities mostly can be gained through devotion and hardworking, talent and brain are just the starting point. The theory of growth mindset is supported by cognition research that shows that everybody has the capacity to improve their intellect [17]. Metacognition, usually defined as “knowing about knowing” or “thinking about thinking” which means the capacity to recognize and control individual’s cognitive process and gain information about how and when to use relevant techniques for problem-solving [18]. Self-authorship refers to the internal coordination and generation of individual's values, internal loyalties, and the self-belief in individual’s abilities to rely on internal values in case to make choices [18].
PG Constructs consist particularly of three stages, a growth mindset considered crucial to the first two stages of PG, Pact and Act. While metacognition mostly useful for the next stages Act and React. Finally, self-authorship though to be very essential for the stages, React and Impact. Figure 1 shows personal growth constructs and stages.
Figure 1) Personal growth constructs and stages [1]
To conclude, PG featured distinguishably in the need’s literature since the 40s and 50s of the last century, for example, Maslow’s theory hierarchy of needs, Alderfer’s theory of existence, relatedness and growth, this stresses that personal growth opportunities are particularly valuable to employers. As a human being, an individual feels a great sense of fullness and wholeness by fulfilling growing needs. The company is expected to take responsibility, provide growth opportunities for employees, and make personal growth a crucial construct to be investigated. The current research enhances that CSK can help the organization to achieve that.
The paradigm shift toward digitalized healthcare necessitates the storage of massive amounts of electronic patient data across multiple operating [19]. Integrating new technologies with out-of-date, legacy, or unsupported operating systems compromises interoperability and exposes organizations to increased cybersecurity risk. Historically, healthcare organizations have prioritized patient care over cybersecurity and have viewed the electronic health record as the holy grail of optimal patient care. Healthcare, however, lags other industries regarding data security and the development of comprehensive cybersecurity training programs for employees [20]. In addition, as the volume and value of patient information increases, health managers must develop cybersecurity capabilities across their organization [21]. Cybersecurity capability development entails updating existing information technology and anticipating and proactively acquiring the need for new technology, cybersecurity talent, and comprehensive organizational training.
Information security practices are proactive measures taken by healthcare staff to adhere to security policies or rules and ensure the information system's confidentiality, integrity, and availability [22]. There are numerous security measures, but the most common are internet use, email use, social media use, password management, incident reporting, information handling, and mobile computing [23]. Within the context of the human aspect of information security practices, these security practices were identified as being more prone to security violations. Compliance with these security measures for healthcare personnel is contingent on various factors, including knowledge, attitude, and behavior, collectively referred to as asked variables. Cybercrime will cost the global economy $10.5 trillion by 2025. While that figure is difficult to comprehend, security threats exist and affect virtually everyone, from large multinational corporations to small businesses and everything in between [24]. In addition, cyber threats have become more sophisticated, because attackers can adapt to new security regulations, businesses must stay one step ahead to protect their operations. They will have an advantage over attackers if they have a comprehensive, well-planned, and unique cybersecurity strategy. The most popular cybersecurity strategies are proactive, active, and reactive.
Proactive strategy-“BEFORE THEY COME, WE WILL BE READY” cyber defence is based on comprehensive cyber security assessments. It uses real-time network monitoring, and cyber threat intelligence feeds to build a detailed picture of the security landscape and how threats manifest and are exploited. The in-depth analysis can help identify and remediate weak spots before exploits are available and identify areas for targeted investment to improve the system's overall security. In addition, encryption and/or dynamic distribution technologies can protect data in transit and at rest [25].
Active strategy-“WHEN THEY COME, WE WILL RESPOND” With enhanced security monitoring of information and assets, an active approach to security builds on the reactive approach. In addition, vulnerability management, advanced firewalls, multi-factor authentication, NAC (network access controls), DLP (data loss prevention), and other technologies are deployed and managed. Also, security information event management (SIEM) systems are deployed to provide real-time monitoring [26].
Reactive strategy-“IF THEY COME, WE WILL RESPOND”. The reactive strategy is simple to comprehend. For instance, a data breach could occur. Protective measures are implemented first, followed by restoration efforts. Almost certainly, all businesses that understand the potential for a cyberattack have experimented with various of network security solutions. Businesses almost certainly have antivirus, firewall, and threat monitoring software installed. They have devised a strategy to combat an attack in the unfortunate but possible event. After the threat has passed, the team follows well-documented procedures to determine what went wrong and what preventative measures should be taken to avoid future occurrences [27].
The main objective of this empirical paper was to outline the positive effect of cyber security knowledge on employees' personal growth in private hospitals in Libya and Yemen, highlighting the disparity between current healthcare security practices and the required security practices specified in the information security policy. In addition, the healthcare sector's security gaps and risky practices were examined. In order to improve employees’ personal growth, develop them in a scientific and thoughtful manner, and prevent competitors from obtaining their expertise and knowledge, the organization is required to pay attention to cyber security knowledge which is considered to be one of the riskiest threats in today’s business world. Therefore, this study aimed to explore the effect of Cyber security knowledge (proactive, reactive, and active) on employees’ personal growth (growth mindset, metacognition, and self-authorship) in private hospitals in Libya and Yemen.
Instrument and Methods
The descriptive analytical approach was adopted to study the relationship between all the main and sub-variables, the data of which were derived from the study population. The study population consisted of managers in the middle and lower management in the biggest 5 private hospitals in Libya and the biggest 5 private hospitals in Yemen. This study took place in March 2021. The number of middle managers reached 140, while the number of lower managers reached 357. Thus, the total number of the population in this research is 497 managers. A stratified random sample of 164 managers from the middle and lower management (33% of the population). The researchers calculated it after determining the study population of 497 [28]. Accordingly, the researchers distributed 164 questionnaires to the study sample members through Google form, a total of 147 questionnaires were retrieved, with a percentage of 90%. After examining the retrieved questionnaires, 9 were invalid. Thus, the number of valid questionnaires for analysis became a total of 138, with a percentage of 84% of the distributed questionnaires.
The study tool was adopted from previous studies and modified to suit the current study, PG was measured with the help of the instrument that achieved a high statistical validity (0.962), and high reliability Cronbach’s alpha (0.937) [1]. This scale was created originally by Robitschek and developed it in 2014 consisting of three constructs which are (Growth mindset, Metacognition, Self-Authorship) and divided into three items for each construct [1]. CSK was measured using the model [26] which achieved a high level of stability and reliability consisting of three constructs (Proactive, Reactive, Active) and divided into ten items.
Conceptual framework consists of the varied variables used in this study named as, CSK as an independent variable, employees’ personal growth as a dependent variable. Based on the literature review, the researcher poses the conceptual framework of this study illustrated in Figure 2.
Figure 2) Theoretical framework
Note. Independent Variable: CSK[26]. Dependent Variable: Personal growth[1]
To achieve the objectives of this study, the researchers used frequencies and percentages to describe the study sample's demographic variables; To determine the relative importance of the study variables, mean±SD was used; Finally, to discover the effect of the independent variable on more than one dependent variable, utilized multiple regression analysis.
Findings
Table 1 illustrates the respondents profile in terms of nationality, gender, age, level of education, and work experience.
Table 1) Personal and functional characteristics of the respondents
To calculate the reliability coefficient, the internal consistency test Cronbach Alpha was used, through the researcher applying his study tool in its final form to the stability sample that Consisted of 11 individuals from outside the study sample. Table 2 presents the stability values of the main variables, which indicated that in general, the study instrument has a high stability coefficient and its ability to achieve the study objectives is high.
There was a low dispersion in the responses about proactive, reactive, development of talents, growth mindset, metacognition, and self-authorship in private hospitals in Libya and Yemen. Generally, it turns out that the reality of the study sample's point of view was low (Table 3).
The statistical analysis results presented a significant effect of CSK on growth mindset, metacognition, and self-authorship in private hospitals in Libya & Yemen. The coefficient of determination R2 showed its value of changes in a growth mindset in private hospitals in Libya & Yemen is due to the change in CSK.
Table 2) The stability values of the main study variables (Cronbach Alpha)
Table 3) Results of mean±SD of questionnaire about private hospitals in Libya & Yemen
Table 4) Multiple regression analysis test results for the effect of CSK on PG in private hospitals in Libya & Yemen
Discussion
Based on the current findings, a set of recommendations can be divided into practical recommendations to the surveyed hospitals management, and a practical ones related to researchers and students in the field of business administration and cyber security, the most important are the following:
1. Establish hands-on study programmes and training workshops that include cyber awareness courses in order to:
Personal growth is seen as a change within an individual that is affective, cognitive, or behavioral, and is typically, believed of as positive, making the employee even complete and truly functional [1]. Personal growth tends to be identified as the life-long cycle of enhancing individual's identity and self-awareness, learning skills, and creating human resources to eventually improve individual's success at work and quality of life [2, 3], indicates to the approaches and strategies that promote human growth at the personal level. Maslow’s theory highlighted that an individual has five fundamentals needs, which are Physiological, Security needs, Affiliation needs, Esteem needs and on the top Self-actualization needs which involve recognizing ones` full potential or self-development and personal growth [3].
Personal growth has been mentioned in the six variables of psychological well-being defined by the proposed model of Carol Ryff, besides autonomy, environmental mastery, supportive relationships with colleagues, meaning in life, and self-acceptance. She established three major axes of personal growth: power, awareness, and self-development [4]. Nowadays, personal growth has been achieved widely through workshops, social interactions, work coaching, learning programmes, and techniques for time-management [5, 6]. According to the World Health Organization's (WHO) technical series on primary health care, information, and communication technology (ICT) is becoming more prevalent in the healthcare industry. With the introduction of smartphones, tablets, and laptop computers, digital technologies for health have impacted how health services are delivered and operated [7]. Furthermore, with the ongoing COVID-19 pandemic, the adoption rate of such technologies has been expedited. Therefore, cybersecurity is increasingly becoming a prominent concern among healthcare providers adopting digital technologies to improve patient quality of care.
The recent reports on cyberattacks, such as ransomware, and WannaCry, have brought to life the destructive nature of such attacks upon healthcare. In addition to cyberattacks, which have been targeted against the vulnerabilities of information technology infrastructures, a new form of cyberattack aims to exploit human vulnerabilities; such attacks are categorized as "social engineering attacks." Healthcare is particularly attractive to cybercriminals because of its data-rich nature, critical use-cases, and multiple access points [8]. Additionally, healthcare data is more valuable on the dark web [9]. The sector is believed to have the financial muscle to pay for cyber criminals' attacks such as ransomware. Notable cases include the German hospital hacks [10], which resulted in a patient's death, and the unauthorized access to some medical records in Finland [11], in which the hackers’ demanded ransoms from each of the patients involved. While the mode of entry was not specified in these incidents, most of these attacks resulted from human elements. To this end, strengthening the healthcare workforce, colloquially referred to as the human firewall, is necessary to complement technical information security solutions. As a result, numerous comprehensive studies have been conducted to recognize the critical role of human factors in cyber security incidents [12-14].
The main objective of this empirical paper was to outline the positive effect of cyber security knowledge (CSK) on employees' personal growth in private hospitals in Libya and Yemen, highlighting the disparity between current healthcare security practices and the required security practices specified in the information security policy. In addition, the healthcare sector's security gaps and risky practices were examined. In order to improve employees’ personal growth, develop them in a scientific and thoughtful manner, and prevent competitors from obtaining their expertise and knowledge, the organization is required to pay attention to the CSK which considered to be one of the riskiest threats in today’s business world [15]. Therefore, this study aimed to explore if there is an effect of CSK (proactive, reactive, and active) on employees’ personal growth (growth mindset, metacognition, and self-authorship) in private hospitals in Libya and Yemen.
Although the education field is mainly concentrated on planning for individual's career as a guide for personal growth (PG), scholars find out PG within workplace is rather a term of workers’ capacity and agency to deal with, shape and appropriate their situation. This is why the structure of strengths intervention has recently been investigated as a means to improve feelings of skill, productivity and superiority in workers to encourage PG [16], with an immediate influence on general self-effectiveness and an indirect impact on PG.
Le Cunff [1], indicated that Personal growth is consists of three basic constructs which are: Growth mindset, Metacognition, and Self-Authorship. Growth mindset which can be identified as the belief that basic abilities mostly can be gained through devotion and hardworking, talent and brain are just the starting point. The theory of growth mindset is supported by cognition research that shows that everybody has the capacity to improve their intellect [17]. Metacognition, usually defined as “knowing about knowing” or “thinking about thinking” which means the capacity to recognize and control individual’s cognitive process and gain information about how and when to use relevant techniques for problem-solving [18]. Self-authorship refers to the internal coordination and generation of individual's values, internal loyalties, and the self-belief in individual’s abilities to rely on internal values in case to make choices [18].
PG Constructs consist particularly of three stages, a growth mindset considered crucial to the first two stages of PG, Pact and Act. While metacognition mostly useful for the next stages Act and React. Finally, self-authorship though to be very essential for the stages, React and Impact. Figure 1 shows personal growth constructs and stages.
Figure 1) Personal growth constructs and stages [1]
To conclude, PG featured distinguishably in the need’s literature since the 40s and 50s of the last century, for example, Maslow’s theory hierarchy of needs, Alderfer’s theory of existence, relatedness and growth, this stresses that personal growth opportunities are particularly valuable to employers. As a human being, an individual feels a great sense of fullness and wholeness by fulfilling growing needs. The company is expected to take responsibility, provide growth opportunities for employees, and make personal growth a crucial construct to be investigated. The current research enhances that CSK can help the organization to achieve that.
The paradigm shift toward digitalized healthcare necessitates the storage of massive amounts of electronic patient data across multiple operating [19]. Integrating new technologies with out-of-date, legacy, or unsupported operating systems compromises interoperability and exposes organizations to increased cybersecurity risk. Historically, healthcare organizations have prioritized patient care over cybersecurity and have viewed the electronic health record as the holy grail of optimal patient care. Healthcare, however, lags other industries regarding data security and the development of comprehensive cybersecurity training programs for employees [20]. In addition, as the volume and value of patient information increases, health managers must develop cybersecurity capabilities across their organization [21]. Cybersecurity capability development entails updating existing information technology and anticipating and proactively acquiring the need for new technology, cybersecurity talent, and comprehensive organizational training.
Information security practices are proactive measures taken by healthcare staff to adhere to security policies or rules and ensure the information system's confidentiality, integrity, and availability [22]. There are numerous security measures, but the most common are internet use, email use, social media use, password management, incident reporting, information handling, and mobile computing [23]. Within the context of the human aspect of information security practices, these security practices were identified as being more prone to security violations. Compliance with these security measures for healthcare personnel is contingent on various factors, including knowledge, attitude, and behavior, collectively referred to as asked variables. Cybercrime will cost the global economy $10.5 trillion by 2025. While that figure is difficult to comprehend, security threats exist and affect virtually everyone, from large multinational corporations to small businesses and everything in between [24]. In addition, cyber threats have become more sophisticated, because attackers can adapt to new security regulations, businesses must stay one step ahead to protect their operations. They will have an advantage over attackers if they have a comprehensive, well-planned, and unique cybersecurity strategy. The most popular cybersecurity strategies are proactive, active, and reactive.
Proactive strategy-“BEFORE THEY COME, WE WILL BE READY” cyber defence is based on comprehensive cyber security assessments. It uses real-time network monitoring, and cyber threat intelligence feeds to build a detailed picture of the security landscape and how threats manifest and are exploited. The in-depth analysis can help identify and remediate weak spots before exploits are available and identify areas for targeted investment to improve the system's overall security. In addition, encryption and/or dynamic distribution technologies can protect data in transit and at rest [25].
Active strategy-“WHEN THEY COME, WE WILL RESPOND” With enhanced security monitoring of information and assets, an active approach to security builds on the reactive approach. In addition, vulnerability management, advanced firewalls, multi-factor authentication, NAC (network access controls), DLP (data loss prevention), and other technologies are deployed and managed. Also, security information event management (SIEM) systems are deployed to provide real-time monitoring [26].
Reactive strategy-“IF THEY COME, WE WILL RESPOND”. The reactive strategy is simple to comprehend. For instance, a data breach could occur. Protective measures are implemented first, followed by restoration efforts. Almost certainly, all businesses that understand the potential for a cyberattack have experimented with various of network security solutions. Businesses almost certainly have antivirus, firewall, and threat monitoring software installed. They have devised a strategy to combat an attack in the unfortunate but possible event. After the threat has passed, the team follows well-documented procedures to determine what went wrong and what preventative measures should be taken to avoid future occurrences [27].
The main objective of this empirical paper was to outline the positive effect of cyber security knowledge on employees' personal growth in private hospitals in Libya and Yemen, highlighting the disparity between current healthcare security practices and the required security practices specified in the information security policy. In addition, the healthcare sector's security gaps and risky practices were examined. In order to improve employees’ personal growth, develop them in a scientific and thoughtful manner, and prevent competitors from obtaining their expertise and knowledge, the organization is required to pay attention to cyber security knowledge which is considered to be one of the riskiest threats in today’s business world. Therefore, this study aimed to explore the effect of Cyber security knowledge (proactive, reactive, and active) on employees’ personal growth (growth mindset, metacognition, and self-authorship) in private hospitals in Libya and Yemen.
Instrument and Methods
The descriptive analytical approach was adopted to study the relationship between all the main and sub-variables, the data of which were derived from the study population. The study population consisted of managers in the middle and lower management in the biggest 5 private hospitals in Libya and the biggest 5 private hospitals in Yemen. This study took place in March 2021. The number of middle managers reached 140, while the number of lower managers reached 357. Thus, the total number of the population in this research is 497 managers. A stratified random sample of 164 managers from the middle and lower management (33% of the population). The researchers calculated it after determining the study population of 497 [28]. Accordingly, the researchers distributed 164 questionnaires to the study sample members through Google form, a total of 147 questionnaires were retrieved, with a percentage of 90%. After examining the retrieved questionnaires, 9 were invalid. Thus, the number of valid questionnaires for analysis became a total of 138, with a percentage of 84% of the distributed questionnaires.
The study tool was adopted from previous studies and modified to suit the current study, PG was measured with the help of the instrument that achieved a high statistical validity (0.962), and high reliability Cronbach’s alpha (0.937) [1]. This scale was created originally by Robitschek and developed it in 2014 consisting of three constructs which are (Growth mindset, Metacognition, Self-Authorship) and divided into three items for each construct [1]. CSK was measured using the model [26] which achieved a high level of stability and reliability consisting of three constructs (Proactive, Reactive, Active) and divided into ten items.
Conceptual framework consists of the varied variables used in this study named as, CSK as an independent variable, employees’ personal growth as a dependent variable. Based on the literature review, the researcher poses the conceptual framework of this study illustrated in Figure 2.
Figure 2) Theoretical framework
Note. Independent Variable: CSK[26]. Dependent Variable: Personal growth[1]
To achieve the objectives of this study, the researchers used frequencies and percentages to describe the study sample's demographic variables; To determine the relative importance of the study variables, mean±SD was used; Finally, to discover the effect of the independent variable on more than one dependent variable, utilized multiple regression analysis.
Findings
Table 1 illustrates the respondents profile in terms of nationality, gender, age, level of education, and work experience.
Table 1) Personal and functional characteristics of the respondents
To calculate the reliability coefficient, the internal consistency test Cronbach Alpha was used, through the researcher applying his study tool in its final form to the stability sample that Consisted of 11 individuals from outside the study sample. Table 2 presents the stability values of the main variables, which indicated that in general, the study instrument has a high stability coefficient and its ability to achieve the study objectives is high.
There was a low dispersion in the responses about proactive, reactive, development of talents, growth mindset, metacognition, and self-authorship in private hospitals in Libya and Yemen. Generally, it turns out that the reality of the study sample's point of view was low (Table 3).
The statistical analysis results presented a significant effect of CSK on growth mindset, metacognition, and self-authorship in private hospitals in Libya & Yemen. The coefficient of determination R2 showed its value of changes in a growth mindset in private hospitals in Libya & Yemen is due to the change in CSK.
Table 2) The stability values of the main study variables (Cronbach Alpha)
Table 3) Results of mean±SD of questionnaire about private hospitals in Libya & Yemen
Table 4) Multiple regression analysis test results for the effect of CSK on PG in private hospitals in Libya & Yemen
Discussion
Based on the current findings, a set of recommendations can be divided into practical recommendations to the surveyed hospitals management, and a practical ones related to researchers and students in the field of business administration and cyber security, the most important are the following:
1. Establish hands-on study programmes and training workshops that include cyber awareness courses in order to:
• Increase employees’ awareness of cyber security threats.
• Foster new perspectives on cyber risk and accountability for the preservation of organizational data.
• Turn knowledge into actions by reducing human elements that result in cyber security flaws.
• Create new standards to guide optimal cyber practices.
2. Extend existing understanding about cyber security among workers from other regions.
3. Invest in cyber security technologies because a large portion of the population lacks the skills and knowledge required to defend against cyber risks. Nonetheless, it is critical to invest in cyber retraining in order to influence perceptions about cyber threats.
4. The necessity for comparative study arose as a result of cultural differences in cyber security understanding. As a result, training programmes should be designed with an international perspective in mind, focusing on individual behaviour rather than local and regional manifestations.
5. Employees' personal growth should be enhanced by practitioners promoting both cognitive and behavioral components.
6. Cognitive characteristics may be increased by reflecting on personal interests, talents, and values, which may improve employees' goal formulation in an intelligent approach.
7. Employees may be guided in constructing a realistic and time-bound action plan to achieve their personal objectives, which would improve their goal implementation capacities and, as a result, the behavioral aspects of personal growth.
8. Organizations should engage supervisors with training so they likely to encourage employees’ personal growth, develop their goal setting, and communicate on employees’ daily well-being.
9. A better employee's personal growth make them less reliant on affective swings to participate in everyday professional difficulties, which would positively contribute to beneficial outcomes such as greater person-job fit.
It is vital to note that this research has several limitations that should be considered. The primary restriction of this study is the sort of respondents. Workers in private hospitals in Libya and Yemen comprised the sample size. It is advised that a larger sample size, one that is not deemed a convenient sample and covers many disciplines, be used to increase the study's robustness. Another point of contention is from the variables' measurement. Face validity was employed in the construction of the questionnaire, and we relied on a team of professionals to design our survey instrument. Because this is one of the few research that assesses CSK and personal growth, the questionnaire should be re-evaluated to ensure its reliability and validity.
Future research should focus on developing particular instruments to assess CSK. Although we used a single-item scale to quantify this variable, multi-item scales were proven to be more reliable. Nonetheless, other scholars have proposed that if a single-item inquiry can elicit meaningful information, its simplicity can impart validity and reliability, even at the sacrifice of comprehensive detail. Still, more comprehensive tools for assessing cyber security expertise are required. Furthermore, this sort of study should be carried out in other nations with different values and attitudes, with the findings compared to the current study. Future research should look at how particular training programmes based on our study findings might increase CSK, personal growth, and skill-based behaviour.
Conclusion
Cybercrime poses a severe threat to information security as internet consumption rates continuously increase in organizations. Therefore, CSK has become increasingly urgent for both organizations and employees. Furthermore, the finding of the current study approved that CSK must be a strategic requirement for any organization that seeks to update its employees’ skills and knowledge to achieve PG. A higher level of personal growth can lead to self-efficacy and job satisfaction, positively impacting organizational well-being and effectiveness.
Acknowledgments: None declared.
Ethical Permissions: There is no ethical code for this article.
Conflicts of Interests: None declared.
Authors’ Contributions: Ali Alferjanya MAO (First Author), Introduction Writer/Methodologist/Main Researcher/Statistical Analyst/Discussion Writer (50%); Musaed Al-mwald MN (Second Author), Introduction Writer/Methodologist/Assistant Researcher (30%); Alias RB (Third Author), Assistant Researcher/Discussion Writer (20%)
Funding/Support: This paper is funded by the authors, under University Tenaga Nasional, Malaysia.
3. Invest in cyber security technologies because a large portion of the population lacks the skills and knowledge required to defend against cyber risks. Nonetheless, it is critical to invest in cyber retraining in order to influence perceptions about cyber threats.
4. The necessity for comparative study arose as a result of cultural differences in cyber security understanding. As a result, training programmes should be designed with an international perspective in mind, focusing on individual behaviour rather than local and regional manifestations.
5. Employees' personal growth should be enhanced by practitioners promoting both cognitive and behavioral components.
6. Cognitive characteristics may be increased by reflecting on personal interests, talents, and values, which may improve employees' goal formulation in an intelligent approach.
7. Employees may be guided in constructing a realistic and time-bound action plan to achieve their personal objectives, which would improve their goal implementation capacities and, as a result, the behavioral aspects of personal growth.
8. Organizations should engage supervisors with training so they likely to encourage employees’ personal growth, develop their goal setting, and communicate on employees’ daily well-being.
9. A better employee's personal growth make them less reliant on affective swings to participate in everyday professional difficulties, which would positively contribute to beneficial outcomes such as greater person-job fit.
It is vital to note that this research has several limitations that should be considered. The primary restriction of this study is the sort of respondents. Workers in private hospitals in Libya and Yemen comprised the sample size. It is advised that a larger sample size, one that is not deemed a convenient sample and covers many disciplines, be used to increase the study's robustness. Another point of contention is from the variables' measurement. Face validity was employed in the construction of the questionnaire, and we relied on a team of professionals to design our survey instrument. Because this is one of the few research that assesses CSK and personal growth, the questionnaire should be re-evaluated to ensure its reliability and validity.
Future research should focus on developing particular instruments to assess CSK. Although we used a single-item scale to quantify this variable, multi-item scales were proven to be more reliable. Nonetheless, other scholars have proposed that if a single-item inquiry can elicit meaningful information, its simplicity can impart validity and reliability, even at the sacrifice of comprehensive detail. Still, more comprehensive tools for assessing cyber security expertise are required. Furthermore, this sort of study should be carried out in other nations with different values and attitudes, with the findings compared to the current study. Future research should look at how particular training programmes based on our study findings might increase CSK, personal growth, and skill-based behaviour.
Conclusion
Cybercrime poses a severe threat to information security as internet consumption rates continuously increase in organizations. Therefore, CSK has become increasingly urgent for both organizations and employees. Furthermore, the finding of the current study approved that CSK must be a strategic requirement for any organization that seeks to update its employees’ skills and knowledge to achieve PG. A higher level of personal growth can lead to self-efficacy and job satisfaction, positively impacting organizational well-being and effectiveness.
Acknowledgments: None declared.
Ethical Permissions: There is no ethical code for this article.
Conflicts of Interests: None declared.
Authors’ Contributions: Ali Alferjanya MAO (First Author), Introduction Writer/Methodologist/Main Researcher/Statistical Analyst/Discussion Writer (50%); Musaed Al-mwald MN (Second Author), Introduction Writer/Methodologist/Assistant Researcher (30%); Alias RB (Third Author), Assistant Researcher/Discussion Writer (20%)
Funding/Support: This paper is funded by the authors, under University Tenaga Nasional, Malaysia.
Article Type: Descriptive & Survey |
Subject:
Technology of Health Education
Received: 2022/04/22 | Accepted: 2022/06/5 | Published: 2022/06/15
Received: 2022/04/22 | Accepted: 2022/06/5 | Published: 2022/06/15
References
1. Le Cunff AL. Mind framing: a proposed framework for personal growth [Internet]. NESS LABS; 2019 [Cited 2022 Mar 3]. Available from: https://nesslabs.com/mindframing [Link] [DOI:10.2139/ssrn.3443568]
2. Senn MJE, editor. Symposium on the healthy personality. Josiah Macy, Jr. Foundation; 1950. [Link]
3. McLeod S. Erik Erikson's stages of psychosocial development. Simply Psychol [Internet]. New York: Simply Psychology; 2018 [Cited 2022 Mar 3]. Available from: https://www.simplypsychology.org/Erik-Erikson.html [Link]
4. Ryff CD, Boylan JM, Kirsch JA. Disagreement about recommendations for measurement of well-being. Prev Med. 2020;139:106049. [Link] [DOI:10.1016/j.ypmed.2020.106049]
5. Pakrosnis R, Cepukiene V. Solution-focused self-help for improving university students' wellbeing. Innov Educ Teach Int. 2015;52(4):437-47. [Link] [DOI:10.1080/14703297.2014.930352]
6. Shoukry H, Cox E. Coaching as a social process. Manag Learn. 2018;49(4):413-28. [Link] [DOI:10.1177/1350507618762600]
7. World Health Organization. Primary Care. Geneva: World Health Organization; 2022 [Cited 2022 Mar 5]. Available from: https://www.who.int/teams/integrated-health-services/clinical-services-and-systems/primary-care. [Link]
8. Wani TA, Mendoza A, Gray K. Hospital bring-your-own-device security challenges and solutions: systematic review of gray literature. JMIR mHealth uHealth. 2020;8(6):e18175. [Link] [DOI:10.2196/18175]
9. Seh AH, Zarour M, Alenezi M, Sarkar AK, Agrawal A, Kumar R, et al. Healthcare data breaches: insights and implications. Healthcare. 2020;8(2):133. [Link] [DOI:10.3390/healthcare8020133]
10. Yari IA, Dehling T, Kluge F, Geck J, Sunyaev A, Eskofier B. Security engineering of patient-centered health care information systems in peer-to-peer environments: systematic review. J Med Internet Res. 2021;23(11):e24460. [Link] [DOI:10.2196/24460]
11. Karyda M, Mitrou L. Data breach notification: issues and challenges for security management. MCIS. 2016:60. [Link]
12. Dong K, Ali RF, Dominic PDD, Ali SEA. The effect of organizational information security climate on information security policy compliance: the mediating effect of social bonding towards healthcare nurses. Sustainability. 2021;13(5):2800. [Link] [DOI:10.3390/su13052800]
13. Cram WA, Proudfoot JG, D'arcy J. Organizational information security policies: a review and research framework. Eur J Inf Syst. 2017;26(6):605-41. [Link] [DOI:10.1057/s41303-017-0059-9]
14. Anwar M, He W, Ash I, Yuan X, Li L, Xu LD. Gender difference and employees' cybersecurity behaviors. Comput Hum Behav. 2017;69:437-43. [Link] [DOI:10.1016/j.chb.2016.12.040]
15. Mitosis KD, Lamnisos D, Talias MA. Talent management in healthcare: a systematic qualitative review. Sustainability. 2021;13(8):4469. [Link] [DOI:10.3390/su13084469]
16. van Woerkom M, Meyers MC. Strengthening personal growth: The effects of a strength's intervention on personal growth initiative. J Occup Organiz Psychol. 2019;92(1):98-121. [Link] [DOI:10.1111/joop.12240]
17. Argaw ST, Troncoso-Pastoriza JR, Lacey D, Florin MV, Calcavecchia F, Anderson D, et al. Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks. BMC Med Inf Decis Mak. 2020;20(1). [Link] [DOI:10.1186/s12911-020-01161-7]
18. Song JY, Park JE. The effects of strategy of enhanced metacognition on the improvement of creative problem solving skills. J Digit Converg. 2017;15(7):1-2. [Link]
19. Offner KL, Sitnikova E, Joiner K, MacIntyre CR. Towards understanding cybersecurity capability in Australian healthcare organizations: a systematic review of recent trends, threats and mitigation. Intell Nat Secur. 2020;35(4):556-85. [Link] [DOI:10.1080/02684527.2020.1752459]
20. Al-Muhtadi J, Shahzad B, Saleem K, Jameel W, Orgun MA. Cybersecurity and privacy issues for socially integrated mobile healthcare applications operating in a multi-cloud environment. Health Inform J. 2019;315-29. [Link] [DOI:10.1177/1460458217706184]
21. Alonso SG, Arambarri J, López-Coronado M, de la Torre Díez I. Proposing new blockchain challenges in eHealth. J Med Syst. 2019;43:64. [Link] [DOI:10.1007/s10916-019-1195-7]
22. Bhuyan SS, Kabir UY, Escareno JM, Ector K, Palakodeti S, Wyant D, Kumar S, Levy M, Kedia S, Dasgupta D, Dobalian A. Transforming healthcare cybersecurity from reactive to proactive: current status and future recommendations. J med syst. 2020;44(5):1-9. [Link] [DOI:10.1007/s10916-019-1507-y]
23. Yeng PK, Yang B, Snekkenes EA. Healthcare staffs' information security practices towards mitigating data breaches: a literature survey. Stud Health Technol Inform. 2019;261:239-45. [Link]
24. O'Connor P. O'Connor P, Benţa MI, editors. The technologisation of the social: a political anthropology of the digital machine. London: Routledge; 2021. [Link]
25. Galinec D, Moznik D, Guberina B. Cybersecurity and cyber defense: national level strategic approach. Automatika. 2017;58(3):273-86. [Link] [DOI:10.1080/00051144.2017.1407022]
26. Wong LW, Lee VH, Tan GW, Ooi KB, Sohal A. The role of cybersecurity and policy awareness in shifting employee compliance attitudes: Building supply chain capabilities. Int J Inf Manag. 2022;66:102520. [Link] [DOI:10.1016/j.ijinfomgt.2022.102520]
27. Chen P, Chavez O, Ong DC, Gunderson B. Strategic resource use for learning: a self-administered intervention that guides self-reflection on effective resource use enhances academic performance. Psychol Sci. 2017;28(6):774-85. [Link] [DOI:10.1177/0956797617696456]
28. Sekaran U, Bougie R. Research methods for business: a skill building approach. 7th Edition. Hoboken: Wily; 2016. [Link]
| Rights and permissions | |
 |
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License. |