The thesis identified influencers and barriers to specific security behaviours and developed an extended-Protection Motivation Theory model. The model includes information sensitivity appraisal as an important influencer for which a new scale (WISA) was developed and validated. The model was tested on three specific anti-malware behaviours: usage of antimalware software, installing software updates and avoiding suspicious links within emails. The testing allowed the identification of the most influential factors for each behaviour and demonstrated how these factors differ between behaviours. A nuance that is lost when adopting the IS policy compliance approach and was also confirmed by the qualitative findings. The findings from the models informed the design of the behaviour change intervention.
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...