TY - GEN
T1 - Another Look at Cybersecurity Awareness Programs
AU - von Solms, S. H.
AU - du Toit, Jaco
AU - Kritzinger, Elmarie
N1 - Publisher Copyright:
© 2023, IFIP International Federation for Information Processing.
PY - 2023
Y1 - 2023
N2 - Cybercrime has become one of the biggest forms of crime in the world today – if not the biggest form. Everybody is seeking ways to address this growing cyber risk. Cybersecurity awareness of end users is an important component of helping to prevent cybercrime. However, research indicates that traditional cybersecurity awareness programs are not very successful. Budgets for cyber protection programs keep increasing, but there is no evidence that the levels of cybercrime are decreasing. Companies (across the globe) are searching for new ways and approaches to make their end users more cyber aware. What has become clear from many efforts and approaches in making end users cyber aware, is that an approach emphasizing the technical aspects alone does not work. A complementary human oriented approach is also needed. This paper advances 3 new possible approaches which can be considered in the challenge to create more cyber aware end users. The first approach, called the ‘Fighter’ approach, is taken from the area of firefighting, where employees are trained to fight a fire in an emergency. The second approach, called the ‘Ownership’ approach, is from the operational technology (OT) area where machine operators are trained to take ownership of their machines and safely operate their machines. The third approach, called the ‘Workplace’ approach, is taken from the area of workplace training where being cyber-awareness is seen as a part of a secure workplace. All three these approaches are based on primarily on letting the end user realise that cybersecurity awareness is actually part of their daily job environment.
AB - Cybercrime has become one of the biggest forms of crime in the world today – if not the biggest form. Everybody is seeking ways to address this growing cyber risk. Cybersecurity awareness of end users is an important component of helping to prevent cybercrime. However, research indicates that traditional cybersecurity awareness programs are not very successful. Budgets for cyber protection programs keep increasing, but there is no evidence that the levels of cybercrime are decreasing. Companies (across the globe) are searching for new ways and approaches to make their end users more cyber aware. What has become clear from many efforts and approaches in making end users cyber aware, is that an approach emphasizing the technical aspects alone does not work. A complementary human oriented approach is also needed. This paper advances 3 new possible approaches which can be considered in the challenge to create more cyber aware end users. The first approach, called the ‘Fighter’ approach, is taken from the area of firefighting, where employees are trained to fight a fire in an emergency. The second approach, called the ‘Ownership’ approach, is from the operational technology (OT) area where machine operators are trained to take ownership of their machines and safely operate their machines. The third approach, called the ‘Workplace’ approach, is taken from the area of workplace training where being cyber-awareness is seen as a part of a secure workplace. All three these approaches are based on primarily on letting the end user realise that cybersecurity awareness is actually part of their daily job environment.
KW - Awareness
KW - Cybercrime
UR - http://www.scopus.com/inward/record.url?scp=85172667789&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-38530-8_2
DO - 10.1007/978-3-031-38530-8_2
M3 - Conference contribution
AN - SCOPUS:85172667789
SN - 9783031385292
T3 - IFIP Advances in Information and Communication Technology
SP - 13
EP - 23
BT - Human Aspects of Information Security and Assurance - 17th IFIP WG 11.12 International Symposium, HAISA 2023, Proceedings
A2 - Furnell, Steven
A2 - Clarke, Nathan
PB - Springer Science and Business Media Deutschland GmbH
T2 - 17th IFIP WG 11.12 International Symposium on Human Aspects of Information Security and Assurance, HAISA 2023
Y2 - 4 July 2023 through 6 July 2023
ER -