Cybersecurity awareness (CSA) is not just about knowing, but also transforming things
learned into practice. It is a continuous process that needs to be adjusted in subsequent …

Purpose–The purpose of this paper is to survey, explore and inform researchers about the
previous methodologies applied, target audience and coverage of previous assessment of …

While the creation of a strong security culture has been researched and discussed for
decades, it continues to elude many businesses. Part of the challenge faced is distilling …

This paper presents a cyber-security culture framework for assessing and evaluating the
current security readiness of an organization's workforce. Having conducted a thorough …

In organizations, users' compliance with information security policies (ISP) is crucial for
minimizing information security (IS) incidents. To improve users' compliance, IS managers …

Cybersecurity Culture (CSC) is unique for an organization and not replicable for others,
being based on its specific characteristics, in terms of technologies, processes, and people's …

Companies depend on internal control to protect the integrity of information systems. IT
security and data privacy training are critical controls for safeguarding company information …

Featured Application The results of this work will be incorporated in an application for SMEs
in Europe, which aims to improve cybersecurity awareness and resilience, as part of the EU …

Purpose Cyber security has never been more important than it is today in an ever more
connected and pervasive digital world. However, frequently reported shortages of suitably …

Purpose This study explores the critical success factors (CSFs) for Security Education,
Training and Awareness (SETA) program effectiveness. The questionable effectiveness of …