Affiliation:
1. Consultant Process & Information Management, Dux Group, 3011 TA Rotterdam, The Netherlands
2. Management Sciences and Marketing, The University of Manchester, Manchester M15 6PB, UK
Abstract
Cybercrime is currently rapidly developing, requiring an increased demand for information security knowledge. Attackers are becoming more sophisticated and complex in their assault tactics. Employees are a focal point since humans remain the ‘weakest link’ and are vital to prevention. This research investigates what cognitive and internal factors influence information security awareness (ISA) among employees, through quantitative empirical research using a survey conducted at a Dutch financial insurance firm. The research question of “How and to what extent do cognitive and internal factors contribute to information security awareness (ISA)?” has been answered, using the theory of situation awareness as the theoretical lens. The constructs of Security Complexity, Information Security Goals (InfoSec Goals), and SETA Programs (security education, training, and awareness) significantly contribute to ISA. The most important research recommendations are to seek novel explaining variables for ISA, further investigate the roots of Security Complexity and what influences InfoSec Goals, and venture into qualitative and experimental research methodologies to seek more depth. The practical recommendations are to minimize the complexity of (1) information security topics (e.g., by contextualizing it more for specific employee groups) and (2) integrate these simplifications in various SETA methods (e.g., gamification and online training).
Reference150 articles.
1. Cyber security: State of the art, challenges and future directions;Admass;Cyber Secur. Appl.,2023
2. Cyber Security Threats and Countermeasures in Digital Age;Thakur;J. Appl. Sci. Educ. (JASE),2024
3. Gartner (2024). Top Trends in Cybersecurity for 2024, Gartner. Available online: https://www.gartner.com/en/cybersecurity/trends/cybersecurity-trends.
4. Working from Home: Cybersecurity in the Age of Covid-19;Borkovich;Issues Inf. Syst.,2020
5. IT risk and resilience—Cybersecurity response to COVID-19;Weil;IT Prof.,2020