Skip to main content

The Influence of Human Factors on Adaptive Social Media Cybersecurity Training and Education

  • Conference paper
  • First Online:
Human Aspects of Information Security and Assurance (HAISA 2024)

Abstract

Despite the efforts to mitigate the risks posed by social media, no organisation can be completely protected from hackers. Therefore, specialists are increasingly relying on the training and education of the organisations’ workforce to prevent cyberattacks. To investigate the best training strategies available, we have conducted a survey among a large and diverse sample of employees working in various sectors, and we have interviewed people who possess expertise in policymaking and cybersecurity training—either as trainers or trainees. Our analysis reveals that the efficiency of cybersecurity training varies among individuals due to aspects such as motivation, simplicity, the expertise of the trainer, the experience of the trainee, the training environment, customisation, and the delivery methods employed. Moreover, we have concluded that cybersecurity training is contingent upon the trainees’ specific job roles within the organisation. Our findings have the potential to improve cybersecurity training, as well as the productivity of the trainers involved in its development.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Langlois, P.: The 2020 Verizon Data Breach Investigations Report (DBIR) (2020). https://www.cisecurity.org/insights/webinar/the-2020-verizon-data-breach-investigations-report-dbir

  2. British Retail Consortium: BRC Retail Crime Survey 2015 (2015). https://brc.org.uk/media/54300/51309-4_2015_crime_survey_report_p7.pdf

  3. Sasse, M.A., Brostoff, S., Weirich, D.: Transforming the ‘weakest link’—a human/computer interaction approach to usable and effective security. BT Technol. J. 19(3), 122–131 (2001)

    Article  Google Scholar 

  4. Anwar, M., He, W., Ash, I., Yuan, X., Li, L., Xu, L.: Gender difference and employees’ cybersecurity behaviors. Comput. Hum. Behav. 69, 437–443 (2017)

    Article  Google Scholar 

  5. Chapple, M., Stewart, J.M., Gibson, D.: Certified Information System Security Professional (CISSP). SYBEX, ninth edition ed (2021)

    Google Scholar 

  6. Triplett, W.J.: Addressing human factors in cybersecurity leadership. J. Cybersecurity and Privacy 2(3), 573–586 (2022)

    Article  Google Scholar 

  7. Dash, B.: An effective cybersecurity awareness training model: first defense of an organizational security strategy. International Research J. Eng. Technology (IRJET) 9(4) (2022)

    Google Scholar 

  8. Alshaikh, M., Maynard, S.B., Ahmad, A., Chang, S.: An exploratory study of current information security training and awareness practices in organizations. In: Proceedings of the 51st Hawaii International Conference on System Sciences, Honolulu HI, pp. 5085–5094 (2018)

    Google Scholar 

  9. ENISA: Cyber Europe 2010 Report (2011). https://www.enisa.europa.eu/publications/ce2010report/

  10. Thakur, K., Hayajneh, T., Tseng, J.: Cyber security in social media: challenges and the way forward. IT Professional 21(2), 41–49 (2019). https://doi.org/10.1109/MITP.2018.2881373

    Article  Google Scholar 

  11. Kaplan, A.M., Haenlein, M.: Users of the world, unite! the challenges and opportunities of social media. Bus. Horiz. 53(1), 59–68 (2010)

    Article  Google Scholar 

  12. Ewing, M., Men, L.R., O’Neil, J.: Using social media to engage employees: insights from internal communication managers. Int. J. Strateg. Commun. 13(2), 110–132 (2019). https://doi.org/10.1080/1553118X.2019.1575830

    Article  Google Scholar 

  13. van Steen, T., Deeleman, J.R.: Successful gamification of cybersecurity training. Cyberpsychol. Behav. Soc. Netw. 24(9), 593–598 (2021)

    Article  Google Scholar 

  14. Sungkur, R.K., Maharaj, M.S.: Design and implementation of a smart learning environment for the upskilling of cybersecurity professionals in mauritius. Educ. Inf. Technol. 26, 3175–3201 (2021)

    Article  Google Scholar 

  15. Haeussinger, F., Kranz, J.: Antecedents of employees’ information security awareness - review, synthesis, and directions for future research. In: European Conference on Information Systems. Guimaraes, Portugal (2017)

    Google Scholar 

  16. Furnell, S., Vasileiou, I.: Security education and awareness: just let them burn? Netw. Secur. 2017(12), 5–9 (2017)

    Article  Google Scholar 

  17. Hadlington, L.: Employees attitudes towards cyber security and risky online behaviours: an empirical assessment in the United Kingdom. Int. J. Cyber Criminol. 12, 262–274 (2018)

    Google Scholar 

  18. Hatzivasilis, G., et al.: Modern aspects of cyber-security training and continuous adaptation of programmes to trainees. Appl. Sci. 10(16), 5702 (2020)

    Article  Google Scholar 

  19. Pedley, D.; Borges, T.; Bollen, A.; Shah, J.N.; Donaldson, S.; Furnell, S.; Crozier, D. (2020) “Cyber Security Skills in the UK Labour Market”. URL https://www.gov.uk/government/publications/cyber-security-skills-in-the-uk-labour-market-2020

  20. Parker, H.J., Flowerday, S.V.: Contributing factors to increased susceptibility to social media phishing attacks. South African J. Information Manage. 22, 1–10 (2020)

    Article  Google Scholar 

  21. Nifakos, S., et al.: Influence of human factors on cyber security within healthcare organisations: a systematic review. Sensors 21(15), 5119 (2021)

    Article  Google Scholar 

  22. Pattinson, M.R., et al.: Adapting cyber-security training to your employees. In: Proceedings of the International Symposium on Human Aspects of Information Security and Assurance (HAISA), pp. 67–79 (2018)

    Google Scholar 

  23. Schürmann, C., Jensen, L.H., Sigbjörnsdóttir, R.M.: Effective cybersecurity awareness training for election officials. In: Krimmer, R., et al. Electronic Voting. Lecture Notes in Computer Science, 12455, pp. 196–212 (2020). Springer, Cham

    Google Scholar 

  24. Zhang, Z., He, W., Li, W., Abdous, M.H.: Cybersecurity awareness training programs: a cost-benefit analysis framework. Ind. Manag. Data Syst. 121(3), 613–636 (2021)

    Article  Google Scholar 

  25. ENISA: Good Practice Guide on Training Methodologies (2014). https://www.enisa.europa.eu/publications/good-practice-guide-on-training-methodologies

  26. McBride, M., Carter, L., Warkentin, M.: Exploring the role of individual employee characteristics and personality on employee compliance with cybersecurity policies. RTI International-Institute for Homeland Security Solutions 5(1) (2012)

    Google Scholar 

  27. Glaspie, H.W., Karwowski, W.: Human factors in information security culture: a literature review. In: Proceedings of the International Conference on Advances in Human Factors in Cybersecurity, Los Angeles, California, pp. 269–280 (2018). Springer International

    Google Scholar 

  28. Bada, M., Nurse, J.R.: Developing cybersecurity education and awareness programmes for small and medium-sized enterprises (SMEs). Information & Computer Security 27(3), 393–410 (2019)

    Article  Google Scholar 

  29. McKim, C.A.: The value of mixed methods research: a mixed methods study. J. Mixed Methods Res. 11(2), 202–222 (2017)

    Article  Google Scholar 

  30. Dulock, H.L.: Research design: descriptive research. J. Pediatr. Oncol. Nurs. 10(4), 154–157 (1993)

    Article  Google Scholar 

  31. Castro, S.: Google forms quizzes and substitution, augmentation, modification, and redefinition (samr) model integration. Issues and Trends in Educational Technol. 6(1), 4–14 (2018)

    Google Scholar 

  32. Sarfraz, M.: Developments in Information Security and Cybernetic Wars. IGI Global. ISBN: 9781522583042 (2019)

    Google Scholar 

  33. Symantec. 2018 Internet Security Threat Report. Symantec Corporation (2018)

    Google Scholar 

  34. University of Plymouth. Plymouth Ethics Online Systems (PEOS) (2023). https://apply-ethicsonlinesystem.plymouth.ac.uk/

  35. Kuwait Central Statistical Bureau (2022). https://knoema.com/atlas/sources/csb

  36. Calculator.net. Sample Size Calculator (2023). https://www.calculator.net/sample-size-calculator.html

  37. De Swert, K.: Calculating inter-coder reliability in media content analysis using krippendorff’s alpha. Center for Politics and Communication 15, 1–15 (2012)

    Google Scholar 

  38. Archibald, M.M., Ambagtsheer, R.C., Casey, M.G., Lawless, M.: Using zoom videoconferencing for qualitative data collection: perceptions and experiences of researchers and participants. Int J Qual Methods 18, 1–8 (2019)

    Article  Google Scholar 

  39. DeCuir-Gunby, J.T., et al.: Developing and using a codebook for the analysis of interview data: an example from a professional development research project. Field Methods 23(2), 136–155 (2011)

    Article  Google Scholar 

  40. Taylor, J.J.: Confusing Stats Terms Explained: Internal Consistency (2021)

    Google Scholar 

  41. McHugh, M.L.: The chi-square test of independence. Biochemia medica 23(2), 143–149 (2013)

    Article  Google Scholar 

  42. Ben Salamah, F., Palomino, M.A., Craven, M.J., Papadaki, M., Furnell, S.: An adaptive cybersecurity training framework for the education of social media users at work. Appl. Sci. 13(17), 9595 (2023)

    Article  Google Scholar 

  43. Hofstede, G.: Culture’s consequences: comparing values, behaviors, institutions, and organizations across nations. Collegiate Aviation Review 34(2), 108 (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Marco A. Palomino .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2025 IFIP International Federation for Information Processing

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Salamah, F.B., Palomino, M.A., Papadaki, M., Craven, M.J., Furnell, S. (2025). The Influence of Human Factors on Adaptive Social Media Cybersecurity Training and Education. In: Clarke, N., Furnell, S. (eds) Human Aspects of Information Security and Assurance. HAISA 2024. IFIP Advances in Information and Communication Technology, vol 722. Springer, Cham. https://doi.org/10.1007/978-3-031-72563-0_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-72563-0_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-72562-3

  • Online ISBN: 978-3-031-72563-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics