Furthermore, educational institutions have the highest documented rate of information being compromised (Custer, 2010; Jones, 2009). Ayyagari and Tyks (2012) wrote that over 8 million academic records were compromised from security breaches in 2005. Data breaches have continued to rise since 2005 despite implemented regulations designed to protect information (Sen & Borle, 2015). A method for mitigating and combating the unauthorized release of PII is the training and education of users in the arena of information security (Aloul, 2012). The unauthorized release of information or information leakage can be attributed to either internal or external entities that are conducted either by a human or technical methods (Trinkle et al., 2014). Shaw, Keh, Huang, & Huang (2011) noted that 50% incidents related to information security were associated to the inattentiveness of personnel handling the information. Employees in non-information security roles feel the protection or practice of securing information is the job of those in information security roles (Thomson & van Niekerk, 2012). Consequently and due to increases to information security threats (Cavelty, 2014), White et al. (2013) remarked the increased need for educating users on methods to secure information. Educating users in the various characteristics of information security awareness
Furthermore, educational institutions have the highest documented rate of information being compromised (Custer, 2010; Jones, 2009). Ayyagari and Tyks (2012) wrote that over 8 million academic records were compromised from security breaches in 2005. Data breaches have continued to rise since 2005 despite implemented regulations designed to protect information (Sen & Borle, 2015). A method for mitigating and combating the unauthorized release of PII is the training and education of users in the arena of information security (Aloul, 2012). The unauthorized release of information or information leakage can be attributed to either internal or external entities that are conducted either by a human or technical methods (Trinkle et al., 2014). Shaw, Keh, Huang, & Huang (2011) noted that 50% incidents related to information security were associated to the inattentiveness of personnel handling the information. Employees in non-information security roles feel the protection or practice of securing information is the job of those in information security roles (Thomson & van Niekerk, 2012). Consequently and due to increases to information security threats (Cavelty, 2014), White et al. (2013) remarked the increased need for educating users on methods to secure information. Educating users in the various characteristics of information security awareness