In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018)
Title: Which Individual, Cultural, Organisational and Interventional Factors
Explain Phishing Resilience?
Author(s): Kathryn Parsons, Marcus Butavicius, Meredith Lillie, Dragana Calic, Agata McCormac, Malcolm Pattinson
Keywords: Phishing; Social Influence; Cyber Security; Information Security Awareness;
Individual Differences; Phishing Resilience
Abstract: We report on the results of an online phishing study, and the factors that predict the ability to resist phishing attacks, which is termed phishing resilience. It is important to understand the factors that predict phishing resilience, because they can be used to develop effective strategies to protect organisational information security. We measured a larger number of individual, cultural, organisational and interventional factors than any previous study. Findings indicate that information security awareness (ISA) is most predictive of phishing resilience, which highlights the importance of security education. Results also suggest that older participants are less susceptible to phishing attacks and individuals who are very influenced by social pressure are more susceptible. When people trusted in the infallibility of technical safeguards, such as spam filters, they had lower phishing resilience, whereas people who preferred using a more rational decision making style had higher phishing resilience. These results suggest that teaching people not only how to behave, but also to stop and think before responding to emails, may ensure that they will have the best chance of resisting phishing attacks.
Download count: 635
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.