How E-Learning Can Facilitate Information Security Awareness

Users of information systems are increasingly being attacked and exploited by cyber criminals. Information Security Awareness addresses how users can be convinced to behave compliantly to a company’s information security policies. This paper explores the potential of e-Learning as a tool to increase the information security awareness of users. The factors that ultimately lead to information security-compliant behavior are the factors knowledge, habit, salience, and behavioral intent. By looking at the peculiarities of e-Learning, the chances and limitations of influencing these factors are examined exploratory. The basis for this is Bloom’s Taxonomy from learning theory. The paper shows that e-Learning can help influencing knowledge and habit of a person. The salience and intention of a person, however, can only be influenced in combination with other factors. Especially with affective emotions and beliefs, e-Learning can also have negative effects. The paper also gives an outlook on how further quantitative research could help to ultimately shape effective e-Learning courses.

[1]  Eirik Albrechtsen,et al.  Effects on employees' information security abilities by e-learning , 2009, Inf. Manag. Comput. Secur..

[2]  Kathleen D. Vohs,et al.  Encyclopedia of social psychology , 2007 .

[3]  Dana McFarland Multimedia in higher education , 1996 .

[4]  Mo Adam Mahmood,et al.  Employees' Behavior towards IS Security Policy Compliance , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[5]  Tom Baranowski,et al.  Are current health behavioral change models helpful in guiding prevention of weight gain efforts? , 2003, Obesity research.

[6]  Stefan Hrastinski,et al.  Asynchronous and synchronous e-learning , 2008 .

[7]  Bilal Khan,et al.  Effectiveness of information security awareness methods based on psychological theories , 2011 .

[8]  B. Verplanken,et al.  Habit, attitude, and planned behaviour : is habit an empty construct or an interesting case of goal-directed automaticity? , 1999 .

[9]  D. Krathwohl A Revision of Bloom's Taxonomy: An Overview , 2002 .

[10]  Mats Danielson,et al.  Exploring the e-Learning State of Art , 2008 .

[11]  Zinaida Benenson,et al.  Specifying IT Security Awareness , 2014, 2014 25th International Workshop on Database and Expert Systems Applications.

[12]  M. Kabay,et al.  Using Social Psychology to Implement Security Policies , 2015 .

[13]  Benjamin S. Bloom,et al.  Taxonomy of Educational Objectives: The Classification of Educational Goals. , 1957 .

[14]  Curtis J. Bonk,et al.  The Handbook of Blended Learning: Global Perspectives, Local Designs , 2005 .

[15]  Synnöve Kekkonen-Moneta,et al.  Affective Learning in Online Multimedia and Lecture Versions of an Introductory Computing Course , 2007 .

[16]  Kim E. Dooley,et al.  MEASURING LEARNING IN THE AFFECTIVE DOMAIN USING REFLECTIVE WRITING ABOUT A VIRTUAL INTERNATIONAL AGRICULTURE EXPERIENCE , 2006 .

[17]  Edward L. Meyen,et al.  Developing Online Instruction: Partnership between Instructors and Technical Developers , 1999 .

[18]  Leanne M. Hirshfield,et al.  The Role of Human Operators' Suspicion in the Detection of Cyber Attacks , 2019, Cyber Law, Privacy, and Security.

[19]  E. Simpson THE CLASSIFICATION OF EDUCATIONAL OBJECTIVES, PSYCHOMOTOR DOMAIN. , 1966 .