Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Establishing a model for the user acceptance of cybersecurity training
School of Computer Science, University of Nottingham, Nottingham, UK.
Jönköping University, School of Engineering, JTH, Department of Computer Science and Informatics.ORCID iD: 0000-0003-2084-9119
School of Computer Science, University of Nottingham, Nottingham, UK.
2024 (English)In: Future Internet, E-ISSN 1999-5903, Vol. 16, no 8, article id 294Article in journal (Refereed) Published
Abstract [en]

Cybersecurity is established as fundamental for organisations and individuals engaging with digital technology. A central topic in cybersecurity is user behaviour, which has been shown to be the root cause or enabler in a majority of all cyber incidents with a resultant need to empower users to adopt secure behaviour. Researchers and practitioners agree that a crucial step in empowering users to adopt secure behaviour is training. Subsequently, there are many different methods for cybersecurity training discussed in the scientific literature and that are adopted in practise. However, research suggests that those training efforts are not effective enough, and one commonly mentioned reason is user adoption problems. In essence, users are not engaging with the provided training to the extent needed to benefit from the training as expected. While the perception and adoption of individual training methods are discussed in the scientific literature, cohesive studies on the factors that impact user adoption are few and far between. To that end, this paper focuses on the user acceptance of cybersecurity training using the technology acceptance model as a theory base. Based on 22 included publications, the research provides an overview of the cybersecurity training acceptance factors that have been discussed in the existing scientific literature. The main contributions are a cohesive compilation of existing knowledge about factors that impact the user acceptance of cybersecurity training and the introduction of the CTAM, a cybersecurity training acceptance model which pinpoints four factors—regulatory control, worry, apathy, and trust—that influence users’ intention to adopt cybersecurity training. The results can be used to guide future research as well as to guide practitioners implementing cybersecurity training.

Place, publisher, year, edition, pages
MDPI, 2024. Vol. 16, no 8, article id 294
Keywords [en]
cybersecurity training, user security behaviour, usable security, security education
National Category
Information Systems
Identifiers
URN: urn:nbn:se:hj:diva-65987DOI: 10.3390/fi16080294ISI: 001304766200001Scopus ID: 2-s2.0-85202290188Local ID: GOA;intsam;966415OAI: oai:DiVA.org:hj-65987DiVA, id: diva2:1890202
Funder
Lars Hierta Memorial Foundation, FO2022-0037Available from: 2024-08-19 Created: 2024-08-19 Last updated: 2024-11-07Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Kävrestad, Joakim

Search in DiVA

By author/editor
Kävrestad, Joakim
By organisation
JTH, Department of Computer Science and Informatics
In the same journal
Future Internet
Information Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 119 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf