This paper discusses users’ practices on IT security in Cyprus organizations. This investigation is part of a broader research effort initiated by researchers at University of Nicosia that aims in the development of an enterprise Mashup application that private and public organizations could use to specify and manage their strategies regarding ICT security.

The questionnaire was drafted based on the IT Security Guidelines promoted by the national security agency of the German federal government, as it is a comprehensive checklist on security matters. A survey is currently underway among Cypriot organizations and enterprises regarding established security procedures and policies on ICT security. Based on the received responses (approximately half the expected sample size), preliminary results show that security mechanisms and their management are deployed in a majority of the organizations. A more accurate and complete analysis will be available upon completion of the survey.