Another Look at Cybersecurity Awareness Programs

S. H. von Solms, Jaco du Toit, Elmarie Kritzinger

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Cybercrime has become one of the biggest forms of crime in the world today – if not the biggest form. Everybody is seeking ways to address this growing cyber risk. Cybersecurity awareness of end users is an important component of helping to prevent cybercrime. However, research indicates that traditional cybersecurity awareness programs are not very successful. Budgets for cyber protection programs keep increasing, but there is no evidence that the levels of cybercrime are decreasing. Companies (across the globe) are searching for new ways and approaches to make their end users more cyber aware. What has become clear from many efforts and approaches in making end users cyber aware, is that an approach emphasizing the technical aspects alone does not work. A complementary human oriented approach is also needed. This paper advances 3 new possible approaches which can be considered in the challenge to create more cyber aware end users. The first approach, called the ‘Fighter’ approach, is taken from the area of firefighting, where employees are trained to fight a fire in an emergency. The second approach, called the ‘Ownership’ approach, is from the operational technology (OT) area where machine operators are trained to take ownership of their machines and safely operate their machines. The third approach, called the ‘Workplace’ approach, is taken from the area of workplace training where being cyber-awareness is seen as a part of a secure workplace. All three these approaches are based on primarily on letting the end user realise that cybersecurity awareness is actually part of their daily job environment.

Original languageEnglish
Title of host publicationHuman Aspects of Information Security and Assurance - 17th IFIP WG 11.12 International Symposium, HAISA 2023, Proceedings
EditorsSteven Furnell, Nathan Clarke
PublisherSpringer Science and Business Media Deutschland GmbH
Pages13-23
Number of pages11
ISBN (Print)9783031385292
DOIs
Publication statusPublished - 2023
Event17th IFIP WG 11.12 International Symposium on Human Aspects of Information Security and Assurance, HAISA 2023 - Kent, United Kingdom
Duration: 4 Jul 20236 Jul 2023

Publication series

NameIFIP Advances in Information and Communication Technology
Volume674
ISSN (Print)1868-4238
ISSN (Electronic)1868-422X

Conference

Conference17th IFIP WG 11.12 International Symposium on Human Aspects of Information Security and Assurance, HAISA 2023
Country/TerritoryUnited Kingdom
CityKent
Period4/07/236/07/23

Keywords

  • Awareness
  • Cybercrime

ASJC Scopus subject areas

  • Information Systems and Management

Fingerprint

Dive into the research topics of 'Another Look at Cybersecurity Awareness Programs'. Together they form a unique fingerprint.

Cite this