A Taxonomy of SETA Methods and Linkage to Delivery Preferences-Reference-Cited by-同舟云学术

A Taxonomy of SETA Methods and Linkage to Delivery Preferences

Published:2023-10-23 Issue:4 Volume:54 Page:107-133
ISSN:0095-0033
Container-title:ACM SIGMIS Database: the DATABASE for Advances in Information Systems
language:en
Short-container-title:SIGMIS Database

Author:

Kävrestad Joakim¹^ORCID,Nohlberg Marcus¹^ORCID,Furnell Steven²^ORCID

Affiliation:

1. University of Skövde, Skövde, Sweden

2. University of Nottingham, Nottingham, United Kingdom

Abstract

Cybersecurity threats targeting users are common in today's information systems. Threat actors exploit human behavior to gain unauthorized access to systems and data. The common suggestion for addressing this problem is to train users to behave better using SETA programs. The notion of training users is old, and several SETA methods are described in scientific literature. Yet, incidents stemming from insecure user behavior continue to happen and are reported as one of the most common types of incidents. Researchers argue that empirically proven SETA programs are needed and point out focus on knowledge rather than behavior, along with poor user adoption, as problems with existing programs. The present study aims to research user preferences regarding SETA methods, with the motivation that a user is more likely to adopt a program perceived positively. A qualitative approach is used to identify existing SETA methods, and a quantitative approach is used to measure user preferences regarding SETA delivery. We show that users prefer SETA methods to be effortless and flexible and outline how existing methods meet that preference. The results outline how SETA methods respond to user preferences and how different SETA methods can be implemented to maximize user perception, thereby supporting user adoption.

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications,Management Information Systems

Link

https://dl.acm.org/doi/pdf/10.1145/3631341.3631348

Reference159 articles.

1. User preference of cyber security awareness delivery methods

2. Abbasi , A. , Zahedi , F. M. , & Chen , Y. ( 2016 ). Phishing susceptibility: The good, the bad, and the ugly. Paper presented at the 2016 IEEE Conference on Intelligence and Security Informatics . Abbasi, A., Zahedi, F. M., & Chen, Y. (2016). Phishing susceptibility: The good, the bad, and the ugly. Paper presented at the 2016 IEEE Conference on Intelligence and Security Informatics.

3. Abraham , S. , & Chengalur-Smith , I. ( 2019 ). Evaluating the effectiveness of learner controlled information security training. Computers & Security, 87 . Abraham, S., & Chengalur-Smith, I. (2019). Evaluating the effectiveness of learner controlled information security training. Computers & Security, 87.

4. Lecture Notes in Engineering and Computer Science;Al-Daeef M. M.,2017

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Understanding Cybersecurity Threats in E-Commerce;Advances in Web Technologies and Engineering;2024-08-30

2. Information Security Awareness in the Insurance Sector: Cognitive and Internal Factors and Combined Recommendations;Information;2024-08-21