Author:
Brehmer Martin,Steinherr Vanessa,Stöckl Raphaela
Abstract
ZusammenfassungEffective information security awareness programs are crucial for building resilience against cyberattacks,
and they are thus, a major part of an organization’s security investments. However, studies reveal that
they are often ineffective and perceived to be burdensome. Thus, we share insights from two new approaches
that are effective in both, building information security awareness and motivating participants to engage
with information security learning content profoundly.
Publisher
Springer Science and Business Media LLC
Reference11 articles.
1. ENISA. 2023. ENISA Threat Landscape 2023. EUROPEAN UNION AGENCY FOR CYBERSECURITY (ENISA).
2. Siqi Hu, Carol Hsu, and Zhongyun Zhou. 2022. Security Education, Training, and Awareness Programs: Literature Review. Journal of Computer Information Systems 62, 4, 752–764. DOI: https://doi.org/10.1080/08874417.2021.1913671.
3. Martin Brehmer, Antragama E. Abbas, and Nageswaran Vaidyanathan. 2021. Towards Designing a Method to Create Sticky Information Security Training for SMEs: Identifying Design Factors. In 29th European Conference on Information Systems (ECIS 2021), 1–13.
4. Nabin Chowdhury, Sokratis Katsikas, and Vasileios Gkioulos. 2022. Modeling effective cybersecurity training frameworks: A delphi method-based study. Computers & Security 113, 102551. DOI: https://doi.org/10.1016/j.cose.2021.102551.
5. A. Reeves, D. Calic, and P. Delfabbro. 2021. “Get a red-hot poker and open up my eyes, it’s so boring”1: Employee perceptions of cybersecurity training. Computers & Security 106, 102281. DOI: https://doi.org/10.1016/j.cose.2021.102281.