CDSA

Cyber Security Awareness Campaigns: Why do They Fail to Change Behavior? (University of Oxford)

[svg-table-content]

This paper focuses on Security Awareness Campaigns, trying to identify factors which potentially lead to failure of these in changing the information security behaviors of consumers and employees. Past and current efforts to improve information security practices have not had the desired effort.

In this paper, the authors explain the challenges involved in improving information security behaviours. Changing behavior requires more than giving information about risks and correct behaviours – firstly, the people must be able to understand and apply the advice, and secondly, they must be willing to do – and the latter requires changes to attitudes and intentions.