Day 2

Cybersecurity training: best practices & future research

Session complexity:
11:45 - 12:10

End-user responsibility in facilitating or even causing cyberattacks continues to be a growing topic of discussion. Especially in organisational settings, end-users play an essential role in contributing to cybersecurity incidents – or preventing them. Training programs are a popular tool that is used frequently in attempts to mitigate incidents facilitated by end-user action or inaction. According to a 2023 report by CybSafe, 47% of participants indicated that they had access to a cybersecurity training program through their jobs. But what is the academic viewpoint on these training programs? To gain a deeper understanding, we conducted a systematic literature review and meta-analysis of academic articles published on the topic of end-user cybersecurity training. During the talk, our findings will be outlined and discussed. More specifically, what do these training initiatives look like? What type of cybersecurity behaviours are targeted? And how is the effectiveness of the programs assessed?

Speakers in this session

Julia Prümmer