Enterprise cybersecurity training and awareness programs: Recommendations for success

Authors

Wu He, Strome College of Business
Zuopeng Zhang, University of North FloridaFollow

Document Type

Article

Publication Date

10-2-2019

Abstract

To help employees recognize and change their computing security behavior, organizations need to invest in cybersecurity training and awareness programs to encourage their employees’ active engagement in complying with their security policies. However, many organizations’ cybersecurity training and awareness programs fail to achieve their goals as employees feel bored with such training programs and lack enthusiasm to participate in them. Highlighting the criticality of the success of cybersecurity training and awareness programs in organizations, this paper identifies best practices and provides actionable insights (relating cyber awareness to employees’ personal life, reinforcing security procedures and guidelines, instilling a “relaxed alert” state of employees, and minimizing security fatigue for employees) that will help enterprises develop and implement economical, effective, and engaging cybersecurity training and awareness programs.

Publication Title

Journal of Organizational Computing and Electronic Commerce

Volume

29

Issue

4

First Page

249

Last Page

257

Digital Object Identifier (DOI)

10.1080/10919392.2019.1611528

ISSN

10919392

Citation Information

He, W., Zhang, Z. (2019). Enterprise Cybersecurity Training and Awareness Programs: Recommendations for Success. Journal of Organizational Computing and Electronic Commerce, 29(4), 249-257.