To read this content please select one of the options below:

Improving employees’ intellectual capacity for cybersecurity through evidence-based malware training

Wu He (Old Dominion University, Norfolk, Virginia, USA)
Ivan Ash (Old Dominion University, Norfolk, Virginia, USA)
Mohd Anwar (North Carolina A&T State University, Greensboro, North Carolina, USA)
Ling Li (Old Dominion University, Norfolk, Virginia, USA)
Xiaohong Yuan (North Carolina A&T State University, Greensboro, North Carolina, USA)
Li Xu (Old Dominion University, Norfolk, Virginia, USA)
Xin Tian (Kennesaw State University, Kennesaw, Georgia, USA)

Journal of Intellectual Capital

ISSN: 1469-1930

Article publication date: 20 December 2019

Issue publication date: 28 May 2020

2342

Abstract

Purpose

An organization’s ability to successfully manage intellectual capital is determined by the actions of its employees to prevent or minimize information security incidents. To prevent more data breaches to intellectual capital, organizations must provide regular cybersecurity awareness training for all personnel. The purpose of this paper is to investigate the effect of different evidence-based cybersecurity training methods on employees’ cybersecurity risk perception and self-reported behavior.

Design/methodology/approach

The study participants were randomly assigned into four groups (i.e. malware report, malware videos, both malware report and malware videos and no interventions) to assess the effects of cybersecurity training on their perceptions of vulnerability, severity, self-efficacy, security intention as well as their self-reported cybersecurity behaviors.

Findings

The results show that evidence-based malware report is a relatively better training method in affecting employees’ intentions of engaging in recommended cybersecurity behaviors comparing with the other training methods used in this study. A closer analysis suggests whether the training method contains self-relevant information could make a difference to the training effects.

Originality/value

This paper reports an in-depth investigation on how different evidence-based cybersecurity training methods impact employees’ perceptions of susceptibility, severity, self-efficacy, security intention as well as on their self-reported cybersecurity behaviors.

Keywords

Acknowledgements

This work was supported in part by the US National Science Foundation under Grant SES-1318470 and SES-1318501.

Citation

He, W., Ash, I., Anwar, M., Li, L., Yuan, X., Xu, L. and Tian, X. (2020), "Improving employees’ intellectual capacity for cybersecurity through evidence-based malware training", Journal of Intellectual Capital, Vol. 21 No. 2, pp. 203-213. https://doi.org/10.1108/JIC-05-2019-0112

Publisher

:

Emerald Publishing Limited

Copyright © 2019, Emerald Publishing Limited

Related articles