The health belief model and phishing: determinants of preventative security behaviors

Email is frequently the attack vector of choice for hackers and is a large concern for campus IT organizations. This paper attempts to gain insight into what drives the email security behaviors of students, faculty, and staff at one midwestern public, master’s granting university. The survey relies...

Full description

Saved in:
Bibliographic Details
Published in:Journal of cybersecurity (Oxford) 2024-08, Vol.10 (1)
Main Authors: Du, Jie, Kalafut, Andrew, Schymik, Gregory
Format: Article
Language:English
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Email is frequently the attack vector of choice for hackers and is a large concern for campus IT organizations. This paper attempts to gain insight into what drives the email security behaviors of students, faculty, and staff at one midwestern public, master’s granting university. The survey relies on the health belief model as its theoretical basis and measures eight constructs including email security behavior, perceived barriers to practice, self-efficacy, cues to action, prior security experience, perceived vulnerability, perceived benefits, and perceived severity. Barriers to practice, self-efficacy, vulnerability, benefits, and prior experience variables were found to be significant determinants of self-reported email security behaviors. Additional discussion of results based on subgroups of the respondents and interaction models is included in this paper. The findings of this study may help shed light on how universities can better prepare students, faculty, and staff to handle this critical information security concern. Given the makeup of the subject population, some findings may be applicable to businesses beyond academic institutions.
ISSN:2057-2085
2057-2093
DOI:10.1093/cybsec/tyae012