The Effects of Awareness Programs on Information Security in Banks: The Roles of Protection Motivation and Monitoring

Bauer, Stefan; Bernroider, Edward

doi:10.1007/978-3-319-20376-8_14

Cited by 12 publications

(16 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…While one study [41] failed to meet the threshold for a weak effect, a funnel plot also indicated that it represented an outlier in the available data. Of the other studies, one reported a medium effect [5] and five reported a weak effect [6,13,27,28]. Overall, our investigation therefore indicates a weak positive reliable effect for response efficacy on BI.…”

Section: Protection Motivation Theorymentioning

confidence: 47%

“…Self-efficacy. Three studies [5,13] investigating the effect of selfefficacy on BI could be found in the literature review. All three show small effects (0.190 ≤ β ≤ 0.296), drawing a relatively clear picture.…”

Section: Protection Motivation Theorymentioning

confidence: 99%

“…Five relevant studies from the literature research investigate the effect of the perceived severity of threats on BI. Four of those [5,6,13] report a weak positive effect (0.120 ≤ β ≤ 0.276). In contrast, only one [27] indicates a weak negative effect (β = −0.200).…”

Section: Protection Motivation Theorymentioning

confidence: 99%

See 2 more Smart Citations

Reliable Behavioural Factors in the Information Security Context

Mayer

Kunz

Volkamer

2017

Proceedings of the 12th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

Users do often not behave securely when using information technology. Many studies have tried to identify the factors of behavioural theories which can increase secure behaviour. The goal of this work is to identify which of the factors are reliably associated with secure behaviour across multiple studies. Those factors are of interest to information security professionals since addressing them in security awareness and education campaigns can help improving security related processes of users. To attain our goal, we conducted a systematic literature review and assessed the reliability of the factors based on the effect sizes reported in the literature. Our results indicate that 11 out of the 14 factors from well established behavioural theories can be associated with reliable effects in the information security context. These factors cover very different aspects: influence of the users skills, whether the environment makes it possible to exhibit secure behaviour, the influence of friends or co-workers, and the perceived properties of the secure behaviour (e.g. response cost). Also, we identify areas, where more studies are needed to increase the confidence of the factors' reliability assessment. CCS CONCEPTS • Security and privacy → Social aspects of security and privacy; Usability in security and privacy;

show abstract

Section: Protection Motivation Theorymentioning

confidence: 47%

Section: Protection Motivation Theorymentioning

confidence: 99%

See 1 more Smart Citation

Reliable Behavioural Factors in the Information Security Context

Mayer

Kunz

Volkamer

2017

Proceedings of the 12th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

show abstract

“…In a general way, ISA programs and ISATs may generate a false sense of security, as taking part in ISA programs reduces perceptions of vulnerability, while the intentions for compliant security behavior are not affected [77]. Information and IT security awareness-raising measures and the evaluation of these measures are an indispensable part of today's information and knowledge society [65].…”

Section: Discussionmentioning

confidence: 99%

Information Security Awareness in Public Administrations

Scholl¹

2018

Public Management and Administration

View full text Add to dashboard Cite

Government digital agendas worldwide go hand in hand with the digital transformation in businesses and public administrations as well as the digital changes taking place in society. Information security (IS) and awareness (ISA) must be an integrated part of these agendas. The goal of IS is to protect information of all types and origins. Here, the employees play a necessary and significant role in the success of IS, and the entire staff of an institution need to know about their specific roles and be aware of the information security management system (ISMS). As there are still fundamental strategic deficiencies in the institutions themselves, humans should not be called "the weakest link" in the security chain. Rather, sustainable awareness-raising and training for people should be established in the institutions using interactive, authentic, and game-based learning methods. Psychological studies show the great importance of emotionalization when communicating IS knowledge and the reliable exchange of experience about IS. However, in many institutions, a change in culture is becoming necessary. IS must be integrated into all (business) processes and projects, and viable safeguards must be included. This chapter summarizes the most important scientific findings and transfers them to the practice of public administrations in Germany. Moreover, it shows examples of learning methods and provides practical assistance for IS sensitization and training.

show abstract

“…In the German banking sector, Bauer and Bernroider find strong empirical evidence showing the importance of ISA programs, protection motivation, and monitoring [4], while the findings of Fagade and Tryfonas suggest that security by compliance as a campaign to secure information assets in Nigerian financial institutions is a far-fetched approach [24]. This might relate to sociocultural influences on ISA.…”

Section: Kab: Knowledge Attitude Behaviormentioning

confidence: 99%

Scientific Knowledge of the Human Side of Information Security as a Basis for Sustainable Trainings in Organizational Practices

Scholl¹,

Fuhrmann²,

Scholl³

2018

Proceedings of the 51st Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

Comprehensive digitization leads to new challenges because of cybercrime and related security countermeasures. There is no doubt that this will fundamentally affect our lives and is leading to an increase in the importance of information security (IS). However, technology solutions alone are not sufficient to ensure IS countermeasures. The human side of security is important to protect organizational assets like user information and systems. The paper illustrates these relationships in terms of information security awareness (ISA), examining its goals and the factors influencing it through the systematic analysis and review of scientific literature and the transfer of scientific knowledge for practical purposes. We reviewed the publications of leading academic journals in the field of IS over the past decade.

show abstract

The Effects of Awareness Programs on Information Security in Banks: The Roles of Protection Motivation and Monitoring

Cited by 12 publications

References 33 publications

Reliable Behavioural Factors in the Information Security Context

Reliable Behavioural Factors in the Information Security Context

Information Security Awareness in Public Administrations

Scientific Knowledge of the Human Side of Information Security as a Basis for Sustainable Trainings in Organizational Practices

Contact Info

Product

Resources

About