This study researched how a user’s knowledge affects their engagement in security behaviors. Security behaviors were operationalized into two categories: cyber hygiene and threat response behaviors. A sample of 194 San José State University students were recruited to...
Research Library
The world’s first globally accessible archive of research into the human aspect of cyber security and behavioural science as applied to cyber security awareness and online behavioural change.
To see the latest studies from pioneering academics, scroll down.
Managing the introduction of information security awareness programmes in organisations
Several studies explore information security awareness focusing on individual and/or organisational aspects. This paper argues that security awareness processes are associated with interrelated changes that occur at the organisational, the technological and the...
Employee information security beliefs in the home environment
Through a series of qualitative interviews with 19 participants, this study looked into and reported several factors influencing employees' security behaviour at home.
The socio-technical impact on security of the healthcare internet of things in the use of personal monitoring devices (PMDs)
This paper sets out a framework that might allow those who use healthcare personal monitoring devices (such as fitness trackers) to better protect their personal information.
What do they really think? Overcoming social acceptability bias in information security research
This study used two techniques to ensure people accurately reported attitudes on information security in the workplace. A key finding was those who believed information security to be the responsibility of the organisation felt security risks to be overstated, whereas...
Understanding susceptibility to phishing emails: Assessing the impact of individual differences and culture
This study looked into how individual differences and national culture impacted participants’ responses to phishing and spear-phishing emails. The study found a national culture that promoted the needs of the individual (rather than the needs of society) increased the...
Understanding the relationships between resilience, work stress and information security awareness
This study examined the relationship between Information Security Awareness (ISA), resilience and work stress, finding greater resilience to be associated with higher ISA and lower work stress.
Securing mobile devices: Evaluating the relationship between risk perception, organisational commitment and information security awareness
This study examined the relationship between perception of risk, organisational commitment, and Information Security Awareness (ISA), finding both organisational commitment and perception of personal risk to be significant predictors of ISA. Surprisingly, frequency of...
Deep thought: A cybersecurity story
ideas42 aims to help solve difficult social problems using insights from behavioural science. In this instance, the problem in question is the human aspect of cyber security. The paper applies psychology and behavioural science principles to common cyber security...
Embedding security behaviours: Using the 5Es
This framework is designed to help embed and sustain security behaviours in employees. The framework is condensed into 5Es (Educate, Enable, Environment, Encourage, Evaluate) and explains how to implement these using examples and tactical interventions.