Improving employees’ intellectual capacity for cybersecurity through evidence-based malware training
Purpose An organization’s ability to successfully manage intellectual capital is determined by the actions of its employees to prevent or minimize information security incidents. To prevent more data breaches to intellectual capital, organizations must provide regular cybersecurity awareness trainin...
Saved in:
Published in | Journal of intellectual capital Vol. 21; no. 2; pp. 203 - 213 |
---|---|
Main Authors | , , , , , , |
Format | Journal Article |
Language | English |
Published |
Bradford
Emerald Publishing Limited
28.05.2020
Emerald Group Publishing Limited |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Purpose
An organization’s ability to successfully manage intellectual capital is determined by the actions of its employees to prevent or minimize information security incidents. To prevent more data breaches to intellectual capital, organizations must provide regular cybersecurity awareness training for all personnel. The purpose of this paper is to investigate the effect of different evidence-based cybersecurity training methods on employees’ cybersecurity risk perception and self-reported behavior.
Design/methodology/approach
The study participants were randomly assigned into four groups (i.e. malware report, malware videos, both malware report and malware videos and no interventions) to assess the effects of cybersecurity training on their perceptions of vulnerability, severity, self-efficacy, security intention as well as their self-reported cybersecurity behaviors.
Findings
The results show that evidence-based malware report is a relatively better training method in affecting employees’ intentions of engaging in recommended cybersecurity behaviors comparing with the other training methods used in this study. A closer analysis suggests whether the training method contains self-relevant information could make a difference to the training effects.
Originality/value
This paper reports an in-depth investigation on how different evidence-based cybersecurity training methods impact employees’ perceptions of susceptibility, severity, self-efficacy, security intention as well as on their self-reported cybersecurity behaviors. |
---|---|
ISSN: | 1469-1930 1758-7468 |
DOI: | 10.1108/JIC-05-2019-0112 |