COMING SOON! PQDT Open is getting a new home!

ProQuest Open Access Dissertations & Theses will remain freely available as part of a new and enhanced search experience at

Questions? Please refer to this FAQ.

Dissertation/Thesis Abstract

Exploring the Relationships Between User Cybersecurity Knowledge, Cybersecurity and Cybercrime Attitudes, and Online Risky Behaviors
by Roberts, Stephen Allen, Ph.D., Northcentral University, 2021, 183; 28316557
Abstract (Summary)

Organizations face an onslaught of threats to their mission-critical data. While organizations continue to increase their investment in cybersecurity, user awareness, and Information Security Policy (ISP) mitigations, the employee represents the greatest threat to sensitive data loss. Understanding the linkage between a user’s Information Security Awareness (ISA) knowledge, their attitudes toward cybersecurity and cybercrime, and their risky online behaviors are critical to more effective cybersecurity investments. Therefore, the purpose of this quantitative, correlational study was to better understand linkages between the internal user’s information security awareness knowledge, attitudes toward cybersecurity and cybercrime, and their risky online behaviors. This research was completed online with 210 fully screened US working adults that utilized corporate information technology assets and were aware of their organization’s ISP. The Human Aspects of Information Security Questionnaire (HAIS-Q) was used to capture the ISA knowledge score, the Attitudes Toward Cybersecurity in Business (ATC-IB) was used to capture the attitude score, and the Risky Cybersecurity Behaviors Scale (RScB) was used to capture the behaviors score of each respondent. This study’s findings answered the research questions, added to the Knowledge, Attitudes, and Behaviors (KAB) research methodology, and showed strong correlations between the respondent’s ISA knowledge, attitudes toward cybersecurity and cybercrime, and risky online behaviors. A high statistically significant correlation was found between the knowledge (HAIS-Q) and attitudes (ATC-IB) scores (r = 0.65, p < .001). There was a large statistically significant negative correlation between the knowledge (HAIS-Q) and behaviors (RScB) scores (r = -0.74, p < .001). Finally, there was a large statistically significant negative correlation between scores on the attitudes (ATC-IB) and behaviors (RScB) (r = -0.73, p < .001). These findings show direct and high levels of significant correlations between the KAB triad components. As employee ISA knowledge improves, their attitude toward cybersecurity also improves. If either the employee knowledge or attitudes toward cybersecurity are improved, their risky online behaviors are significantly reduced. These findings indicate that investments and managerial emphasis on enhancing the employee’s ISA knowledge, attitudes, and behaviors can substantially lessen the organizational user cybersecurity risk.

Indexing (document details)
Advisor: Kabia, Milton
Commitee: Appunn, Frank, Bouvin, David
School: Northcentral University
Department: School of Business and Technology Management
School Location: United States -- California
Source: DAI-A 82/9(E), Dissertation Abstracts International
Subjects: Information Technology, Information science, Criminology
Keywords: Insider threat, Online behaviors, Policy Noncompliance, Cybersecurity, Cybercrime, Information Security Awareness, Risky Cybersecurity Behaviors Scale
Publication Number: 28316557
ISBN: 9798582576013
Copyright © 2021 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy