Open this publication in new window or tab >>2025 (English)In: Human Aspects of Information Security and Assurance: 18th IFIP WG 11.12 International Symposium, HAISA 2024, Skövde, Sweden, July 9–11, 2024, Proceedings, Part II / [ed] Nathan Clarke; Steven Furnell, Cham: Springer, 2025, p. 47-60Conference paper, Published paper (Refereed)
Abstract [en]
Insecure user behavior is the most common cause of cybersecurity incidents. Insecure behavior includes failing to detect phishing, insecure password management, and more. The problem has been known for decades, and state-of-the-art mitigation methods include security education, training, and awareness (SETA). A common problem with SETA is, however, that users do not seem to adopt it to a high enough extent. When users are not adopting SETA, its intended benefit is lost. Previous research argues for personalized SETA and suggests that different user groups have different SETA needs and preferences. The characteristics of those groups are, however, unknown. To that end, this research draws on an existing dataset to identify how different populations perceive different SETA methods. A quantitative analysis shows that users in different demographic groups have different SETA preferences, with age being the most impactful demographic. A qualitative analysis reveals further factors that impact user adoption of SETA, with cost and ease of use being important factors for further research.
Place, publisher, year, edition, pages
Cham: Springer, 2025
Series
IFIP Advances in Information and Communication Technology, ISSN 1868-4238, E-ISSN 1868-422X ; 722
Keywords
Awareness, Cybersecurity, Education, Human Factor, SETA, Training, User, Phishing, Cyber security, Education training, Password management, Security awareness, Security education, Security training, User behaviors
National Category
Information Systems Information Systems, Social aspects Human Computer Interaction
Research subject
Information Systems
Identifiers
urn:nbn:se:his:diva-24794 (URN)10.1007/978-3-031-72563-0_4 (DOI)2-s2.0-85211347407 (Scopus ID)978-3-031-72562-3 (ISBN)978-3-031-72565-4 (ISBN)978-3-031-72563-0 (ISBN)
Conference
18th IFIP WG 11.12 International Symposium, HAISA 2024, Skövde, Sweden, July 9–11, 2024
Projects
VISKAICANP
Funder
Swedish Civil Contingencies Agency, MSB 2021-14650Swedish Civil Contingencies Agency, MSB 2023-10887
Note
© IFIP International Federation for Information Processing 2025
Correspondence Address: J. Kävrestad; School of Engineering, Jönköping University, Jönköping, Sweden; email: joakim.kavrestad@ju.se
We gratefully acknowledge the grants from the Swedish Civil Contingencies Agency (MSB), projects VISKA (MSB 2021-14650) and ICANP (MSB 2023-10887).
2024-12-192024-12-192025-01-14Bibliographically approved