Identifying Cybersecurity Training Strategies Across Companies: A Descriptive Study
(2024) SYSK16 20241Department of Informatics
- Abstract
- Digital transformation is blending digital and physical realms, transforming industries and amplifying cybersecurity challenges, emphasizing the need for robust training that addresses human vulnerabilities, important since human error causes 9% of cyber-attacks. The conducted literature review highlighted a need for ongoing adaptation of cybersecurity frameworks, a shift towards blended training methods, and the importance of organizational culture in cybersecurity training. This thesis aimed to identify and describe which cybersecurity training strategies companies currently use to enhance employee cybersecurity awareness. Through descriptive qualitative research and individual interviews, this study showed that organizations adopt a... (More)
- Digital transformation is blending digital and physical realms, transforming industries and amplifying cybersecurity challenges, emphasizing the need for robust training that addresses human vulnerabilities, important since human error causes 9% of cyber-attacks. The conducted literature review highlighted a need for ongoing adaptation of cybersecurity frameworks, a shift towards blended training methods, and the importance of organizational culture in cybersecurity training. This thesis aimed to identify and describe which cybersecurity training strategies companies currently use to enhance employee cybersecurity awareness. Through descriptive qualitative research and individual interviews, this study showed that organizations adopt a multifaceted approach. Key strategies include adherence to frameworks like ISO 27001, which dictate cybersecurity practices but have limited influence on training methods. Organizations blend traditional and innovative methods such as gamification, simulations, and web-based modules, focusing on practicality and engagement with regular updates and micro-training sessions. Leadership plays an important role in fostering a proactive cybersecurity culture, emphasizing learning from mistakes and maintaining security across various working environments. Overall, companies utilize diverse training techniques and cultural leadership to equip employees against cybersecurity threats. (Less)
Please use this url to cite or link to this publication:
http://lup.lub.lu.se/student-papers/record/9152164
- author
- Kempf, Annie LU and Bengtsson, Sebastian LU
- supervisor
-
- Odd Steen LU
- organization
- course
- SYSK16 20241
- year
- 2024
- type
- M2 - Bachelor Degree
- subject
- keywords
- Cybersecurity Training, Organizational Culture in Cybersecurity, Security Frameworks, Cyber Risk Management
- language
- English
- id
- 9152164
- date added to LUP
- 2024-05-23 14:57:30
- date last changed
- 2024-05-23 14:57:30
@misc{9152164,
abstract = {{Digital transformation is blending digital and physical realms, transforming industries and amplifying cybersecurity challenges, emphasizing the need for robust training that addresses human vulnerabilities, important since human error causes 9% of cyber-attacks. The conducted literature review highlighted a need for ongoing adaptation of cybersecurity frameworks, a shift towards blended training methods, and the importance of organizational culture in cybersecurity training. This thesis aimed to identify and describe which cybersecurity training strategies companies currently use to enhance employee cybersecurity awareness. Through descriptive qualitative research and individual interviews, this study showed that organizations adopt a multifaceted approach. Key strategies include adherence to frameworks like ISO 27001, which dictate cybersecurity practices but have limited influence on training methods. Organizations blend traditional and innovative methods such as gamification, simulations, and web-based modules, focusing on practicality and engagement with regular updates and micro-training sessions. Leadership plays an important role in fostering a proactive cybersecurity culture, emphasizing learning from mistakes and maintaining security across various working environments. Overall, companies utilize diverse training techniques and cultural leadership to equip employees against cybersecurity threats.}},
author = {{Kempf, Annie and Bengtsson, Sebastian}},
language = {{eng}},
note = {{Student Paper}},
title = {{Identifying Cybersecurity Training Strategies Across Companies: A Descriptive Study}},
year = {{2024}},
}