Investigating the Relationship between Learning Styles and Delivery Methods in Information Security Awareness Programs
Master Thesis
2021
Permanent link to this Item
Authors
Supervisors
Journal Title
Link to Journal
Journal ISSN
Volume Title
Publisher
Publisher
Department
Faculty
License
Series
Abstract
Information security threats are continually growing as new technologies emerge. Literature confirms that the human factor is an important issue, as cyber threats and exploitation of vulnerabilities continue to proliferate due to human error. There are significant risks associated with this, such as the organisation's reputational damage and associated costs, to name a few. Information Security Awareness (ISA) programs have proven to be one of the best methods to reduce human linked security vulnerabilities and misbehaviour, which also reduces risks. The purpose of this research is twofold. First, it is to identify and explain the value of aligning ISA programs with user-preferred learning styles and delivery methods. Second, to indicate how aligning ISA programs with preferred learning styles and delivery methods influences security posture. Using the Knowledge, Attitude, and Behaviour (KAB) model as a theoretical lens, the study depicts how information security posture can be improved through the betterment of security knowledge, attitude, and behaviour. Additionally, the aligned learning styles and delivery methods' construct was added to the KAB model to investigate the research questions. The Human Aspect of Information Systems Questionnaire (HAIS-Q) was used to measure ISA levels of organisational employees in South Africa. The chosen parts of these HAIS-Q focused on password management, email and internet use. The ISA scores are essential for this research as they indicate the current ISA levels. This result can be used to improve information security posture. The Visual, Aural, Read/Write, and Kinaesthetic (VARK) inventory model was used to better understand the provided and preferred learning styles. Additionally, ISA programs focused on text-based, video-based, and game-based delivery methods commonly used and applied in prior academic research. Using a survey methodology, the study recruited 322 South African organisational employees to complete an online questionnaire. The questionnaire contained a subset of HAIS-Q, the VARK inventory model, delivery methods, and demographic questions. Bivariate Pearson correlation tests in conjunction with the ISA scores indicated that userpreferred learning styles achieve greater ISA. The results also showed that video-based delivery methods are the most preferred but does not yield the highest ISA scores. The highest ISA scores are achieved from a mixture of delivery methods. The study proposes user aligned learning styles and preferred delivery methods to positively influence the knowledge, attitude, and behaviour leading to improved cybersecurity resilience. As a result, this leads to self-reported and risk-averse behaviour, as end-users' self-efficacy has improved.
Description
Keywords
Reference:
Ntwali, B. 2021. Investigating the Relationship between Learning Styles and Delivery Methods in Information Security Awareness Programs. . ,Faculty of Commerce ,Department of Information Systems. http://hdl.handle.net/11427/33943