Cyber security is a concern for all modern organizations. These organizations cannot achieve their cyber security goals through hardware and information technology (IT) workers alone, so all employees who use computer networks must be trained on the knowledge, skills and policies related to cyber security. This paper reviews what is known about effective cyber security training for end users of computer systems and offers suggestions about how human resource (HR) leaders can effectively implement this training. This includes a broad review of the cyber security policies and competencies that are the basis for training needs analysis,
setting learning goals, and effective training design. Finally, the paper discusses opportunities for human resource (HR) practitioners, industrial and organizational (I-O) psychologists, and information technology (IT) specialists to integrate their skills and enhance the capabilities of organizations to counteract cyber security threats.
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...