Exploring Age and Gender Differences in ICT Cybersecurity Behaviour

Abstract

Known age differences exist in relation to information and communication technology (ICT) use, attitudes, access, and literacy. Less is known about age differences in relation to cybersecurity risks and associated cybersecurity behaviours. Using an online survey, this study analyses data from 579 participants to investigate age differences across four key cybersecurity behaviours: device securement, password generation, proactive checking, and software updating. Significant age differences were found; however, this is not a straightforward relationship. Older users appear less likely to secure their devices compared to younger users; however, the reverse was found for the other behaviours, with older users appearing more likely to generate secure passwords and show proactive risk awareness and regularly install updates. Gender was not a significant predictor of security behaviour (although males scored higher for self-reported computer self-efficacy and general resilience). Self-efficacy was identified as a mediator between age and three of the cybersecurity behaviours (password generation, proactive checking, and updating). General resilience was also a significant mediator for device securement, password generation, and updating; however, resilience acted as a moderator for proactive checking. Implications of these findings are twofold: firstly, helping to guide the development of training and interventions tailored to different cybersecurity behaviours and secondly informing cybersecurity policy development.