Abstract

In this research, we examine the role of top management involvement in creating phishing awareness in an organization. This study deploys field study experiment with phishing deception. The study was carried out in two phases – phase 1 involved training the employee-participants of a Midwestern US University randomly using two different phishing awareness training videos – one showcasing chancellor of a Midwestern University, and another one showcasing a newly hired IT officer. Phase 2 involved three phishing attacks with varying regarding the degree of sophistication (or social engineering). The results show that there is a significant positive impact of perceived top management involvement in creating phishing awareness and preventing employees from getting phished. The paper concludes by discussing theoretical and managerial implications.

Share

COinS