IDEAS home Printed from https://ideas.repec.org/a/bjz/ajisjr/2099.html

Is It Possible to Change the Cyber Security Behaviours of Employees? Barriers and Promoters

Author

Listed:
  • Ahu Ergen
  • Ahmet Naci Ãœnal
  • Mehmet Sıtkı Saygili

Abstract

The increase in cyber attacks cause individuals and businesses to face financial loss and reputation damage. Most cyber security studies ignore human factor and focus only on technological measures although the cyber security behaviors of employees are vital for the organisations. This paper aims to explore and discuss the role of employees in cyber security. In-depth interviews with eight cyber security experts were conducted through semi-structured, open-ended interviews. This study gives perspectives regarding the cyber security behaviors of employees, the barriers and promoters of secure behaviors in cyberspace. The findings mainly stem reasons of unsecure behaviors and solutions for them, and provide implications to companies for effective training and recommendations to adopt secure behaviors in the companies.

Suggested Citation

  • Ahu Ergen & Ahmet Naci Ãœnal & Mehmet Sıtkı Saygili, 2021. "Is It Possible to Change the Cyber Security Behaviours of Employees? Barriers and Promoters," Academic Journal of Interdisciplinary Studies, Richtmann Publishing Ltd, vol. 10, July.
    • Handle: RePEc:bjz:ajisjr:2099
    DOI: https://doi.org/10.36941/ajis-2021-0111
    as

    Download full text from publisher

    File URL: https://www.richtmann.org/journal/index.php/ajis/article/view/12588
    Download Restriction: no
    File URL: https://www.richtmann.org/journal/index.php/ajis/article/view/12588/12189
    Download Restriction: no
    File URL: https://libkey.io/https://doi.org/10.36941/ajis-2021-0111?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. Fatima Salahdine & Naima Kaabouch, 2019. "Social Engineering Attacks: A Survey," Future Internet, MDPI, vol. 11(4), pages 1-17, April.
    2. Aurélien Baillon & Jeroen de Bruin & Aysil Emirmahmutoglu & Evelien van de Veer & Bram van Dijk, 2019. "Informing, simulating experience, or both: A field experiment on phishing risks," PLOS ONE, Public Library of Science, vol. 14(12), pages 1-15, December.
    3. Donalds, Charlette & Osei-Bryson, Kweku-Muata, 2020. "Cybersecurity compliance behavior: Exploring the influences of individual decision style and other antecedents," International Journal of Information Management, Elsevier, vol. 51(C).
    4. Li, Ling & He, Wu & Xu, Li & Ash, Ivan & Anwar, Mohd & Yuan, Xiaohong, 2019. "Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior," International Journal of Information Management, Elsevier, vol. 45(C), pages 13-24.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Hana Yousuf & Mostafa Al-Emran & Mohammed A. Al-Sharafi & Khaled Shaalan, 2025. "Examining the factors influencing cybersecurity behaviors in m-payment contactless technologies using SEM–ANN approach," Journal of Financial Services Marketing, Palgrave Macmillan, vol. 30(3), pages 1-22, September.
    2. Gonzalez-Jimenez, David & Capozza, Francesco & Dirkmaat, Thomas & van de Veer, Evelien & van Druten, Amber & Baillon, Aurélien, 2025. "Falling and failing (to learn): Evidence from a nation-wide cybersecurity field experiment with SMEs," Journal of Economic Behavior & Organization, Elsevier, vol. 230(C).
    3. Agbodoh-Falschau, Kouassi Raymond & Ravaonorohanta, Bako Harinivo, 2023. "Investigating the influence of governance determinants on reporting cybersecurity incidents to police: Evidence from Canadian organizations’ perspectives," Technology in Society, Elsevier, vol. 74(C).
    4. Asad Hussain & Sunila Fatima Ahmad & Mishal Tanveer & Ansa Sameen Iqbal, 2022. "Computer Malware Classification, Factors, and Detection Techniques: A Systematic Literature Review (SLR)," International Journal of Innovations in Science & Technology, 50sea, vol. 4(3), pages 899-918, August.
    5. Patel, Pankaj C., 2025. "Anchored by reliability, swayed by institutional forces: Cybersecurity risk deviance from industry norms and its contingencies on risk and volatility," Journal of Business Research, Elsevier, vol. 199(C).
    6. Aaron Zimba & Katongo Phiri & Chimanga Kashale & Mwiza Phiri, 2025. "Unveiling deception: a socio-economic analysis of smishing attacks on mobile money transaction users," Humanities and Social Sciences Communications, Palgrave Macmillan, vol. 12(1), pages 1-14, December.
    7. Gao, Lujia & Chen, Zhaoying & Zhao, Wei & Lai, Xuanyu, 2025. "Does cybersecurity regulation reduce corporate data-breach risk?," Finance Research Letters, Elsevier, vol. 78(C).
    8. Vitaliy Shpachuk & Olena Markova & Bogdan Adamyk, 2026. "AI-driven financial fraud: key risks and legal protections for financial institutions," Journal of Banking Regulation, Palgrave Macmillan, vol. 27(1), pages 1-19, March.
    9. Mahalasmi Radhakrishnan & Mohammad Nurul Hassan Reza & Abdullah Al Mamun & Muhammad Mehedi Masud & Zafir Khan Mohamed Makhbul, 2025. "Behavioral insights into insurance purchase among flash flood survivors in Malaysia," Humanities and Social Sciences Communications, Palgrave Macmillan, vol. 12(1), pages 1-14, December.
    10. Han, Kookyoung & Choi, Jin Hyuk, 2023. "Implications of false alarms in dynamic games on cyber-security," Chaos, Solitons & Fractals, Elsevier, vol. 169(C).
    11. Naume Sonhera & David Mhlanga, 2022. "Reducing Cyber Incidents through Good Online Behavioral Norms: Lessons from South Africa," Eurasian Journal of Social Sciences, Eurasian Publications, vol. 10(1), pages 37-48.
    12. Saif Hussein Abdallah Alghazo & Norshima Humaidi & Shereen Noranee, 2023. "Assessing Information Security Competencies of Firm Leaders towards Improving Procedural Information Security Countermeasure: Awareness and Cybersecurity Protective Behavior," Information Management and Business Review, AMH International, vol. 15(1), pages 1-13.
    13. Bulbul Ahamed & Mohammad Rashed Hasan Polas & Ahmed Imran Kabir & Abu Saleh Md. Sohel-Uz-Zaman & Abdullah Al Fahad & Saima Chowdhury & Mrittika Rani Dey, 2024. "Empowering Students for Cybersecurity Awareness Management in the Emerging Digital Era: The Role of Cybersecurity Attitude in the 4.0 Industrial Revolution Era," SAGE Open, , vol. 14(1), pages 21582440241, February.
    14. Ou, Carol & Zhang, Xiaowei & Angelopoulos, Spyros & Davison, Robert & Janse, Noury, 2022. "Security breaches and organization response strategy : Exploring consumers’ threat and coping appraisals," Other publications TiSEM 9ac0c2eb-87e8-4c1d-a0b0-c, Tilburg University, School of Economics and Management.
    15. Canitgia Tambariki, 2024. "Drivers of banking consumers' cybersecurity behavior: Applying the extended protection motivation theory ," GATR Journals jmmr327, Global Academy of Training and Research (GATR) Enterprise.
    16. T. V. Tulupieva, 2022. "Psychological Aspects of the Organization’s Information Security in the Context of Socio-engineering Attacks," Administrative Consulting, Russian Presidential Academy of National Economy and Public Administration. North-West Institute of Management., issue 2.
    17. Byung-Jik Kim & Olivia Hye Kim & Eung Il Kim, 2026. "“Under the Shadow of Uncertainty”: the mediating role of job stress and the AI self-efficacy as a shield in cybersecurity behavior," Humanities and Social Sciences Communications, Palgrave Macmillan, vol. 13(1), pages 1-17, December.
    18. Stroukal, Dominik & Peterka, Pavel, 2025. "Tokenization as a pathway to anonymity in central bank digital currencies," Research in International Business and Finance, Elsevier, vol. 75(C).
    19. Pramukh Nanjundaswamy Vasist & Debashis Chatterjee, 2025. "Combating Fake News and Digital Deception at the Workplace: An Integrative Review and Open Systems Theory-led Framework for Future Research," IIM Kozhikode Society & Management Review, , vol. 14(1), pages 88-104, January.
    20. Godsway Korku Tetteh & Chuks Otioma, 2025. "Cyberattack, cyber risk mitigation capabilities, and firm productivity in Kenya," Small Business Economics, Springer, vol. 64(3), pages 1493-1514, March.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:bjz:ajisjr:2099. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Richtmann Publishing Ltd (email available below). General contact details of provider: https://www.richtmann.org/journal/index.php/ajis .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.