Investigating Information Security Awareness: Research and Practice Gaps

What is it about?

This paper presents the results of an exploratory survey which identifies patterns and trends in the way that practitioners and academics tackle security awareness and provides a deeper understanding of the reasons why security awareness practice remains an unsolved problem. Open coding analysis was performed on numerous publications (articles, surveys, standards, reports and books). A classification scheme of six categories of concern has emerged from the content analysis (e.g., terminology ambiguity), and the chosen publications were classified based on it. The paper identifies ambiguous aspects of current security awareness approaches and the proposed classification provides a guide to identify the range of options available to researchers and practitioners when they design their research and practice on information security awareness.

Featured Image