TL;DR: This study uses the Health Belief Model, adapted from the healthcare literature, to study users' computer security behavior and shows that perceived susceptibility, perceived benefits, and self-efficacy are determinants of email-related security behavior.
Abstract: The damage due to computer security incidents is motivating organizations to adopt protective mechanisms. While technological controls are necessary, computer security also depends on individuals' security behavior. It is thus important to investigate what influences a user to practice computer security. This study uses the Health Belief Model, adapted from the healthcare literature, to study users' computer security behavior. The model was validated using survey data from 134 employees. Results show that perceived susceptibility, perceived benefits, and self-efficacy are determinants of email-related security behavior. Perceived severity moderates the effects of perceived benefits, general security orientation, cues to action, and self-efficacy on security behavior.
TL;DR: The objective of this paper is to report on the development of a prototype model for measuring information security awareness in an international mining company.
TL;DR: Interviews of users at an IT-company and a bank were qualitatively analyzed in order to explore users' experience of information security and their personal role in the information security work.
TL;DR: The results suggest that simply listing what not to do and penalties associated with wrongdoing in the users' information security policy alone will have a limited impact on effective implementation of security measures.
TL;DR: This study conducted information security awareness using text-based, game-based and video-based delivery methods and suggests that combined delivery methods are better than an individual security awareness delivery method.
Abstract: Operating systems and programmes are more protected these days and attackers have shifted their attention to human elements to break into the organisation's information systems. As the number and frequency of cyber-attacks designed to take advantage of unsuspecting personnel are increasing, the significance of the human factor in information security management cannot be understated. In order to counter cyber-attacks designed to exploit human factors in the information security chain, information security awareness with an objective to reduce information security risks that occur due to human-related vulnerabilities is paramount. This paper discusses and evaluates the effects of various information security awareness delivery methods used in improving end-users’ information security awareness and behaviour. There is a wide range of information security awareness delivery methods such as web-based training materials, contextual training and embedded training. In spite of efforts to increase information security awareness, research is scant regarding effective information security awareness delivery methods. To this end, this study focuses on determining the security awareness delivery method that is most successful in providing information security awareness and which delivery method is preferred by users. We conducted information security awareness using text-based, game-based and video-based delivery methods with the aim of determining user preferences. Our study suggests that combined delivery methods are better than an individual security awareness delivery method.