Author(s): Cai Zhi Meng, Siti Khalidah Mohd Yusoff, Brian Sheng-Xian Teo
The application of various APPS leads to threats to bank information security, so there is an urgent need for an effective method to improve the information security awareness of bank employees. The purpose of this before-after investigation is to emphasize the importance of information security drill by comparing the same factors affecting bank Employees’ information security awareness based on extended parallel processing model (EPPM). Drawing on a before-after research design, this article examines the links of perceived severity, fear, perceived susceptibility, self-efficiency, response efficacy and bank employees’ information security awareness. Research results indicate that experience with infection of malwares can enhance bank employees’ defensive behavior, which proves information security drill is useful for information security education among bank employees. In the before-test, the relationships between perceived severity and response efficacy, perceived susceptibility and response efficacy, perceived severity and self-efficacy, fear and awareness are not significant. But in the after-test, not only all relationships are supported, but also all the t-values have increased. It indicate that information security drill can improve the risk-resisting ability and the banks can combine information security drill with vocational education, knowledge popularization, staff training, daily demonstration and advertising to reduce the financial and competing cost related with financial fraud and hacker attacks. It proves that drill can test the bank's existing information security rules, improve the tacit understanding of various departments, and achieve the best results with less consumption.