Towards Designing a Method to Create Sticky Information Security Training for SMEs: Identifying Design Factors

Martin Brehmer, A.E. Abbas, Nageswaran Vaidyanathan

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

303 Downloads (Pure)

Abstract

The risk of being impacted by a cyberattack is high, because of more professional attacks. Thereby, cyber criminals are bypassing technological countermeasures through tricking users. Recently collected data during the SARS-CoV-2 pandemic demonstrate, that cyberattacks including social engineering are among the main threats, especially for Small and Medium-sized Enterprises (SME). (Information) Security Education and Training Awareness (SETA) is proposed to be an effective countermeasure. However, the effects of SETA fade rapidly over time and learnings are not applied in practice sustainably. Thus, we state that a method is required to create SETA programs with sustainable learning outcomes for SME. To develop such a method, we follow the Design Science Research Methodology and share insights of our first design cycle in this article. We conducted a literature review and analyzed factors of failure and success regarding the design of sustainable SETA programs. Furthermore, we sketch our plans for design cycle 2.
Original languageEnglish
Title of host publication29th European Conference on Information Systems (ECIS 2021)
Subtitle of host publication Human Values Crisis in a Digitizing World
PublisherAssociation of the Information Systems (AIS)
Pages1-13
Number of pages13
Publication statusPublished - 2021
Event29th European Conference on Information Systems (ECIS 2021) A Virtual AIS Conference: Human Values Crisis in a Digitizing World - , Morocco
Duration: 14 Jun 202116 Jun 2021

Conference

Conference29th European Conference on Information Systems (ECIS 2021) A Virtual AIS Conference
Country/TerritoryMorocco
Period14/06/2116/06/21

Keywords

  • information security
  • training
  • education
  • awareness
  • SETA
  • DSR
  • SME

Fingerprint

Dive into the research topics of 'Towards Designing a Method to Create Sticky Information Security Training for SMEs: Identifying Design Factors'. Together they form a unique fingerprint.

Cite this