Description

The authors seek to understand the relationship between the outcomes of traditional Security Education Training & Awareness (SETA) programs, which have been popular in Information Systems (IS) as a mechanism to protect users from cybercrime. The issue is that most SETA programs in IS change at the pace much slower than the pace of cybercriminal tactics. Therefore, the authors propose viewing SETA outcomes through the lens of the psychological concept of resiliency. This paper proposes a model that extends reputable resiliency theories and models to the field of IS Security.

Share

COinS
 
Aug 10th, 12:00 AM

Resiliency as an Outcome of Security Training and Awareness Programs

The authors seek to understand the relationship between the outcomes of traditional Security Education Training & Awareness (SETA) programs, which have been popular in Information Systems (IS) as a mechanism to protect users from cybercrime. The issue is that most SETA programs in IS change at the pace much slower than the pace of cybercriminal tactics. Therefore, the authors propose viewing SETA outcomes through the lens of the psychological concept of resiliency. This paper proposes a model that extends reputable resiliency theories and models to the field of IS Security.