Improving employees’ intellectual capacity for cybersecurity through evidence-based malware training
Journal of Intellectual Capital
ISSN: 1469-1930
Article publication date: 20 December 2019
Issue publication date: 28 May 2020
Abstract
Purpose
An organization’s ability to successfully manage intellectual capital is determined by the actions of its employees to prevent or minimize information security incidents. To prevent more data breaches to intellectual capital, organizations must provide regular cybersecurity awareness training for all personnel. The purpose of this paper is to investigate the effect of different evidence-based cybersecurity training methods on employees’ cybersecurity risk perception and self-reported behavior.
Design/methodology/approach
The study participants were randomly assigned into four groups (i.e. malware report, malware videos, both malware report and malware videos and no interventions) to assess the effects of cybersecurity training on their perceptions of vulnerability, severity, self-efficacy, security intention as well as their self-reported cybersecurity behaviors.
Findings
The results show that evidence-based malware report is a relatively better training method in affecting employees’ intentions of engaging in recommended cybersecurity behaviors comparing with the other training methods used in this study. A closer analysis suggests whether the training method contains self-relevant information could make a difference to the training effects.
Originality/value
This paper reports an in-depth investigation on how different evidence-based cybersecurity training methods impact employees’ perceptions of susceptibility, severity, self-efficacy, security intention as well as on their self-reported cybersecurity behaviors.
Keywords
Acknowledgements
This work was supported in part by the US National Science Foundation under Grant SES-1318470 and SES-1318501.
Citation
He, W., Ash, I., Anwar, M., Li, L., Yuan, X., Xu, L. and Tian, X. (2020), "Improving employees’ intellectual capacity for cybersecurity through evidence-based malware training", Journal of Intellectual Capital, Vol. 21 No. 2, pp. 203-213. https://doi.org/10.1108/JIC-05-2019-0112
Publisher
:Emerald Publishing Limited
Copyright © 2019, Emerald Publishing Limited