Factors Influencing the Level of Cybersecurity Awareness among Accounting Professionals
Article Sidebar
Main Article Content
Abstract
This study aims to investigate the factors influencing cybersecurity awareness levels among accounting professionals. The study examines four key factors: (1) fundamental knowledge, (2) training, (3) attitudes, and (4) behaviors. Employing a quantitative research methodology, data was collected from 305 accounting professionals in Thailand through questionnaires administered between October 2024 and January 2025. The analysis employed both descriptive and inferential statistics with a significance level set at 0.05.
The findings reveal that respondents demonstrated the highest level of cybersecurity awareness overall. Fundamental knowledge and training were identified as the most significant factors, followed by attitudes and behaviors, respectively. Furthermore, demographic variables including age, professional certification, organizational affiliation, area of expertise, and work experience significantly influenced awareness levels, while gender and educational background showed no significant impact. This study proposes the development of cybersecurity curricula and training programs tailored to accounting professionals' needs, integration of cybersecurity knowledge into undergraduate accounting programs, incorporation of cybersecurity expertise into professional licensing requirements, establishment of organizational cultures emphasizing cybersecurity prevention, and promotion of collaborative networks among professional associations, educational institutions, and government agencies to develop cybersecurity practices appropriate for the Thai accounting profession context.
Article Details
เนื้อหาและข้อมูลในบทความที่ลงตีพิมพ์ในวารสารสภาวิชาชีพบัญชี ถือเป็นข้อคิดเห็นและความรับผิดชอบของผู้เขียนบทความโดยตรงซึ่งกองบรรณาธิการวารสารไม่จำเป็นต้องเห็นด้วยหรือร่วมรับผิดชอบใด ๆ
บทความ ข้อมูล เนื้อหา รูปภาพ ฯลฯ ที่ได้รับการตีพิมพ์ในวารสารสภาวิชาชีพบัญชี ถือเป็นลิขสิทธิ์ของวารสารสภาวิชาชีพบัญชี หากบุคคลหรือหน่วยงานใดต้องการนำข้อมูลทั้งหมดหรือบางส่วนไปเผยแพร่ต่อหรือเพื่อกระทำการใดๆ จะต้องได้รับอนุญาตเป็นลายลักษณ์อักษรจากวารสารสภาวิชาชีพบัญชี ก่อนเท่านั้น
References
Ajzen, I. (1991). The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50(2), 179–211. https://doi.org/10.1016/0749-5978(91)90020-T
Branley-Bell, D., Coventry, L., Dixon, M., Joinson, A., & Briggs, P. (2022). Exploring age and gender differences in ICT cybersecurity behaviour. Human Behavior and Emerging Technologies, 2022, 1–10. https://doi.org/10.1155/2022/2693080
Charoenpichet, Chanida (2023) The relationship between cybersecurity awareness and behavior of certified public accountants in Thailand (Independent study, Master of Accountancy). Thammasat University.
Cochran, W. G. (1977). Sampling techniques (3rd ed.). John Wiley & Sons.
Cronbach, L. J. (1990). Essentials of psychological testing (5th ed.). Harper & Row.
Endsley, M. R. (1995). Toward a theory of situation awareness in dynamic systems. Human Factors, 37(1), 32–64. https://doi.org/10.1518/001872095779049543
Fattah, A., Wagimin, W., & Nurlia, N. (2023). Enhancing cybersecurity awareness among university students: A study on the relationship between knowledge, attitude, behavior, and training. JSI: Jurnal Sistem Informasi (E-Journal), 15(1). https://doi.org/10.18495/jsi.v15i1.21812
Felt, A. P., Barnes, R., King, A., Palmer, C., Bentzel, C., & Tabriz, P. (2017). Measuring HTTPS adoption on the web. In Proceedings of the 26th USENIX Security Symposium (pp. 1323–1338). USENIX Association.
European Parliament (2016). General data protection regulation (GDPR) – Legal text. https://gdpr-info.eu/
Hasan, L., Hossain, M. Z., Johora, F. T., & Hasan, M. H. (2024). Cybersecurity in accounting: Protecting financial data in the digital age. European Journal of Applied Science, Engineering and Technology, 2(6), 64–80. https://doi.org/10.59324/ejaset.2024.2(6).06
Ifinedo, P. (2014). Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition. Information & Management, 51(1), 69–79. https://doi.org/10.1016/j.im.2013.10.001
International Organization for Standardization & International Electrotechnical Commission. (2013). ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements. International Organization for Standardization. https://www.iso.org/obp/ui/#iso:std:iso-iec:27001:ed-2:v1:en
Katz, D. (1960). The functional approach to the study of attitudes. Public Opinion Quarterly, 24(2), 163–204. https://doi.org/10.1086/266945
Mamade, B. K., & Dabala, D. M. (2021). Exploring the correlation between cybersecurity awareness, protection measures and the state of victimhood: The case study of Ambo University’s academic staffs. Journal of Cyber Security and Mobility, 10(4), 419–439. https://doi.org/10.13052/jcsm2245-1439.1044
National Cyber Security Agency (NCSA). (2025). Threat statistics. https://www.ncsa.or.th/policy/threat-statistics
Rogers, R. W. (1975). A protection motivation theory of fear appeals and attitude change. The Journal of Psychology, 91(1), 93–114. https://doi.org/10.1080/00223980.1975.9915803
Royal Gazette. (2004). Accounting Profession Act B.E. 2004. https://www.tfac.or.th/upload/9414/BQnA6YI6XE.pdf
Royal Gazette. (2017). Computer Crime Act (No. 2) B.E. 2017. https://www.ratchakitcha.soc.go.th/DATA/PDF/2560/A/010/24.PDF
Royal Gazette. (2019). Personal Data Protection Act B.E. 2562. https://www.ratchakitcha.soc.go.th/DATA/PDF/2562/A/069/T_0052.PDF
SEC. (2018). Commission statement and guidance on public company cybersecurity disclosures. https://www.sec.gov/rules/interp/2018/33-10459.pdf
Shaw, R. S., Chen, C. C., Harris, A. L., & Huang, H.-J. (2009). The impact of information richness on information security awareness training effectiveness. Computers & Education, 52(1), 92–100. https://doi.org/10.1016/j.compedu.2008.06.011
Swain, N. (2014). A multi-tier approach to cyber security education, training, and awareness in the undergraduate curriculum (CSETA). In 2014 ASEE Annual Conference & Exposition Proceedings (pp. 24.72.1–24.72.9). American Society for Engineering Education. https://doi.org/10.18260/1-2--19964
Thammasiri, M., & Wongthongdee, S. (2022). Cyber security awareness of employees in one private company in Bangkok area. Thai Research and Management Journal, 3(2), 1–17.
Trim, P. R. J., & Lee, Y.-I. (2019). The role of B2B marketers in increasing cyber security awareness and influencing behavioural change. Industrial Marketing Management, 83, 224–238. https://doi.org/10.1016/j.indmarman.2019.04.003
World Economic Forum. (2024). The global risks report 2024 (19th ed.). https://www.weforum.org/publications/global-risks-report-2024/
Zwilling, M., Klien, G., Lesjak, D., Wiechetek, Ł., Cetin, F., & Basim, H. N. (2022). Cyber security awareness, knowledge and behavior: A comparative study. Journal of Computer Information Systems, 62(1), 82–97. https://doi.org/10.1080/08874417.2020.1712269
