Personalising Security Education: Factors Influencing Individual Awareness and Compliance
Security education and awareness are frequently overlooked for users in both workplace and personal contexts, and even where some level of provision is offered it is rarely done in a manner that is matched specifically to the needs of the audience. However, by personalising the provision, and making the presentation and messaging more appropriate to the individuals receiving it, there is a greater chance of achieving understanding, engagement, and resultant compliance. This paper examines the gap that exists between the typical and desirable provision of security education. It highlights baseline areas of security literacy that ought to be applicable to all users, but then illustrates how variations in individuals’ understanding of threshold concepts could complicate the task of delivering the related education. It is proposed that security education should be more tailored, recognising factors such as the user’s role, prior knowledge, learning style, and current perception of security, in order to deliver a more personalised security education plan that is framed towards individual circumstances and can be delivered in a manner that suits their needs.
The Publisher's final version can be found by following the DOI link.
Citation : Vasileiou, I., Furnell, S. (2019) Personalising Security Education: Factors Influencing Individual Awareness and Compliance. In: Mori, P., Furnell, S., Camp, O. (Eds.) Information Systems Security and Privacy. ICISSP 2018. Communications in Computer and Information Science, 977, Cham: Springer, pp. 189-200.
ISBN : 9783030251086