Is it possible to change the cyber security behaviours of employees? Barriers and promoters

The increase in cyber attacks cause individuals and businesses to face financial loss and reputation damage. Most cyber security studies ignore human factor and focus only on technological measures although the cyber security behaviors of employees are vital for the organisations. This paper aims to explore and discuss the role of employees in cyber security. In-depth interviews with eight cyber security experts were conducted through semi-structured, open-ended interviews. This study gives perspectives regarding the cyber security behaviors of employees, the barriers and promoters of secure behaviors in cyberspace. The findings mainly stem reasons of unsecure behaviors and solutions for them, and provide implications to companies for effective training and recommendations to adopt secure behaviors in the companies.