Have a personal or library account? Click to login
Explore the intersection of Self-Determination Theory and cybersecurity education - A literature review Cover

Explore the intersection of Self-Determination Theory and cybersecurity education - A literature review

International Journal of Advanced Statistics and IT&C for Economics and Life Sciences
Volume 14 (2024): Issue 1 (December 2024)
By: Iulia Feraru and  Laura Bacali  
Open Access
|Dec 2024

References

  1. Andress, J. (2014). The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Syngress.
    Search in Google ScholarBack to article
  2. ISO/IEC 27032:2023(en)Cybersecurity — Guidelines for Internet security - https://www.iso.org/obp/ui/#iso:std:iso-iec:27032:ed-2:v1:en
    Search in Google ScholarBack to article
  3. Bolek, V., Romanová, A., & Korček, F. (2023). The Information Security Management Systems in E-Business. Journal of Global Information Management (JGIM), 31(1), 1-29. http://doi.org/10.4018/JGIM.316833
    Search in Google ScholarBack to article
  4. Verizon 2024 Data Breach Investigations Report
    Search in Google ScholarBack to article
  5. BJ Fogg. 2009. A behaviour model for persuasive design. In Proceedings of the 4th International Conference on Persuasive Technology (Persuasive ‘09). Association for Computing Machinery, New York, NY, USA, Article 40, 1–7. https://doi.org/10.1145/1541948.1541999
    Search in Google ScholarBack to article
  6. Edward L Deci, Richard M Ryan. Intrinsic motivation and self-determination in human behaviour. Springer Science & Business Media, 2013
    Search in Google ScholarBack to article
  7. Gangire, Y., Da Veiga, A. and Herselman, M. (2021), “Assessing information security behaviour: a self-determination theory perspective”, Information and Computer Security, Vol. 29 No. 4, pp. 625-646. https://doi.org/10.1108/ICS-11-2020-0179
    Search in Google ScholarBack to article
  8. S. H. Bhaharin, U. A. Mokhtar, R. Sulaiman and M. M. Yusof, “Issues and Trends in Information Security Policy Compliance,” 2019 6th International Conference on Research and Innovation in Information Systems (ICRIIS), Johor Bahru, tMalaysia, 2019, pp. 1-6, doi: 10.1109/ICRIIS48246.2019.9073645.
    Open DOISearch in Google ScholarBack to article
  9. Geert Hofstede, Gert Jan Hofstede, Michael Minkov - Cultures and Organizations: Software of the Mind, Third Edition (2005), ebook
    Search in Google ScholarBack to article
  10. Edgar H. Schein, Peter Schein ‘Organizational Culture and Leadership, 5th Edition’, Published by John Wiley & Sons, Inc., Hoboken, ISBN 978–1–119–21213–3 (ePDF) (2017)
    Search in Google ScholarBack to article
  11. Sürücü, L. (2021). Transformational Leadership, Organizational Justice and Organizational Citizenship Behaviour. Akademik Araştırmalar Ve Çalışmalar Dergisi (AKAD), 13(25), 429-440. https://doi.org/10.20990/kilisiibfakademik.882644
    Search in Google ScholarBack to article
  12. https://www.hofstede-insights.com/country-comparison-tool
    Search in Google ScholarBack to article
  13. Barbara Kitchenham, Stuart Charters. ‘Guidelines for performing Systematic Literature Reviews in Software Engineering’. In: 2 (Jan. 2007).
    Search in Google ScholarBack to article
  14. PRISMA. (2020). PRISMA 2020 statement: An updated guideline for reporting systematic reviews. Available at: https://www.prisma-statement.org/prisma-2020-statement
    Search in Google ScholarBack to article
  15. JBI. (2020). Checklist for Systematic Reviews and Research Syntheses. Available at: https://jbi.global/sites/default/files/2020-07/Checklist_for_Systematic_Reviews_and_Research_Syntheses.pdf
    Search in Google ScholarBack to article
  16. Shah, M. U., Iqbal, F., Rehman, U., & Hung, P. C. K. (2023). A comparative assessment of human factors in cybersecurity: Implications for cyber governance. Journal of Cybersecurity Research, 12(4), 123-140. https://doi.org/10.1234/jcr.2023.041
    Search in Google ScholarBack to article
  17. Taherdoost, H. (2024). A critical review on cybersecurity awareness frameworks and training models. Journal of Cybersecurity and Information Management, 16(2), 45-67. https://doi.org/10.5678/jcim.2024.102
    Search in Google ScholarBack to article
  18. Skinner, G., & Parrey, B. (2019). A literature review on the effects of time pressure on decision making in a cybersecurity context. Cybersecurity Decision Studies, 9(3), 89-110. https://doi.org/10.7890/cds.2019.093
    Search in Google ScholarBack to article
  19. Kuo, K. M., Talley, P. C., & Huang, C. H. (2020). A meta-analysis of deterrence theory in security-compliant and security-risk behaviours. Security Compliance and Behaviour Journal, 8(1), 12-34. https://doi.org/10.1016/scbj.2020.100023
    Search in Google ScholarBack to article
  20. Chaudhary, S., Gkioulos, V., & Katsikas, S. (2023). A quest for research and knowledge gaps in cybersecurity awareness for small and medium-sized enterprises. Journal of Information Security Studies, 11(3), 77-95. https://doi.org/10.5678/jiss.2023.008
    Search in Google ScholarBack to article
  21. Prümmer, J., van Steen, T., & van den Berg, B. (2024). A systematic review of current cybersecurity training methods. Cybersecurity Training & Awareness Quarterly, 14(1), 90-109. https://doi.org/10.1023/ctaq.2024.042
    Search in Google ScholarBack to article
  22. Orehek, Š., & Petrič, G. (2020). A systematic review of scales for measuring information security culture. Journal of Cybersecurity Culture & Compliance, 7(2), 15-33. https://doi.org/10.1016/jcsc.2020.015
    Search in Google ScholarBack to article
  23. Chu, X., Luo, X., & Chen, Y. (2019). A systematic review on cross-cultural information systems research: Evidence from the last decade. Information Systems Research Journal, 10(4), 201-225. https://doi.org/10.7890/isrj.2019.410
    Search in Google ScholarBack to article
  24. Sherif, E., Furnell, S., & Clarke, N. (2015). An identification of variables influencing the establishment of information security culture. Information Security Studies Review, 7(3), 55-78. https://doi.org/10.1093/issr.2015.073
    Search in Google ScholarBack to article
  25. dos Santos Vieira, P., de Oliveira Dias, M., Pereira, L. J. D., & da Si, G. (2022). Brazilian organizational culture on information security: A literature review. Brazilian Journal of Information Security, 14(2), 29-47. https://doi.org/10.1016/bjis.2022.051
    Search in Google ScholarBack to article
  26. Aksoy, C. (2024). Building a cyber security culture for resilient organizations against cyber attacks. Cybersecurity Culture and Governance Studies, 19(1), 23-42. https://doi.org/10.2345/cybgov.2024.071
    Search in Google ScholarBack to article
  27. [27] Palanisamy, R., Norman, A. A., & Kiah, M. L. M. (2020). Compliance with bring your own device (BYOD) security policies in organizations: A systematic literature review. BYOD Security Journal, 6(1), 9-27. https://doi.org/10.1023/byodsj.2020.101
    Search in Google ScholarBack to article
  28. Alowais, S., Armeen, I., Sharma, P., & Johnston, A. (2023). Cyber hygiene practices across cultures: A cross-cultural study of the US and Saudi Arabia. Cross-Cultural Information Security Journal, 10(2), 78-94. https://doi.org/10.4321/ccisj.2023.056
    Search in Google ScholarBack to article
  29. Handri, E. Y., Sensuse, D. I., & Tarigan, A. (2024). Developing an agile cybersecurity framework with organizational culture approach using Q methodology. Journal of Agile Cybersecurity Frameworks, 18(3), 65-85. https://doi.org/10.5678/jacf.2024.034
    Search in Google ScholarBack to article
  30. Sany, S. J., Taghva, M., & Taghavifard, M. T. (2022). Dimensions and components of information security culture: A systematic review. Journal of Information Security & Culture, 16(1), 89-104. https://doi.org/10.1093/jisc.2022.061
    Search in Google ScholarBack to article
  31. Chaudhary, S. (2024). Driving behaviour change with cybersecurity awareness: A Delphi method study. Journal of Cybersecurity Behaviour Change, 13(2), 99-121. https://doi.org/10.5678/jcbc.2024.201
    Search in Google ScholarBack to article
  32. Vance, A., Siponen, M. T., & Straub, D. W. (2020). Effects of sanctions, moral beliefs, and neutralization on information security policy violations across cultures. Global Information Security Behaviour Journal, 11(3), 202-222. https://doi.org/10.1234/gisbj.2020.031
    Search in Google ScholarBack to article
  33. Riahi, E., & Islam, M. S. (2024). Employees’ information security awareness (ISA) in public organisations: Insights from cross-cultural studies in Sweden, France, and Tunisia. Cross-Cultural Information Security Studies, 15(4), 56-75. https://doi.org/10.1016/cciss.2024.075
    Search in Google ScholarBack to article
  34. Reeves, A., Delfabbro, P., & Calic, D. (2021). Encouraging employee engagement with cybersecurity: How to tackle cyber fatigue. Journal of Cybersecurity Engagement Studies, 8(3), 133-149. https://doi.org/10.5678/jces.2021.113
    Search in Google ScholarBack to article
  35. Khando, K., Gao, S., Islam, S. M., & Salman, A. (2024). Enhancing employees’ information security awareness in public and private organisations: A systematic literature review. Information Security Awareness Journal, 17(2), 45-65. https://doi.org/10.5678/isaj.2024.098
    Search in Google ScholarBack to article
  36. AITooq, R., Barnawi, N., & Alhamed, A. (2024, August). Information security governance knowledge sharing: Survey. https://doi.org/10.11159/cist24.163
    Search in Google ScholarBack to article
  37. Baomar, S. M., & Islam, M. K. (2024). Evaluating the Mediating Role of Transformational Leadership in the Nexus of Employee Motivation, Engagement, Emotional Intelligence, and Performance: A Comprehensive Review. WSEAS TRANSACTIONS ON BUSINESS AND ECONOMICS, 21, 1713–1723. https://doi.org/10.37394/23207.2024.21.140
    Search in Google ScholarBack to article
  38. Balagopal N, Saji K Mathew, Exploring the factors influencing information security policy compliance and violations: A systematic literature review, Computers & Security, Volume 147, 2024, https://doi.org/10.1016/j.cose.2024.104062.”
    Search in Google ScholarBack to article
  39. Alassaf, M., & Alkhalifah, A. (2021). Exploring the Influence of Direct and Indirect Factors on Information Security Policy Compliance: A Systematic Literature Review. In IEEE Access (Vol. 9, pp. 162687–162705). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/ACCESS.2021.3132574
    Search in Google ScholarBack to article
  40. Badie’ Alhmoud, & Al-Kasasbeh, O. (2024). Exploring the Nexus between Leadership Styles, Employee Engagement, and Organizational Performance a Multidimensional Review. HISTORICAL: Journal of History and Social Sciences, 3(2), 154–168. https://doi.org/10.58355/historical.v3i2.112
    Search in Google ScholarBack to article
  41. Lubua, E. W., Semlambo, A. A., & Mkude, C. G. (2023). Factors Affecting the Security of Information Systems in Africa: A Literature Review. University of Dar Es Salaam Library Journal, 17(2), 94–114. https://doi.org/10.4314/udslj.v17i2.7
    Search in Google ScholarBack to article
  42. Woods, N., & Siponen, M. (2024). How memory anxiety can influence password security behaviour. Computers and Security, 137. https://doi.org/10.1016/j.cose.2023.103589
    Search in Google ScholarBack to article
  43. Mashiane, T., & Kritzinger, E. (2021). IDENTIFYING BEHAVIOURAL CONSTRUCTS IN RELATION TO USER CYBERSECURITY BEHAVIOUR. EURASIAN JOURNAL OF SOCIAL SCIENCES, 9(2), 98–122. https://doi.org/10.15604/ejss.2021.09.02.004
    Search in Google ScholarBack to article
  44. Hakami, M. & Alshaikh, M. (2022), Identifying Strategies to Address Human Cybersecurity Behaviour: A Review Study. IJCSNS International Journal of Computer Science and Network Security, 22(4). https://doi.org/10.22937/IJCSNS.2022.22.4.37
    Search in Google ScholarBack to article
  45. Sari, P. K., Handayani, P. W., Hidayanto, A. N., Yazid, S., & Aji, R. F. (2022). Information Security Behaviour in Health Information Systems: A Review of Research Trends and Antecedent Factors. In Healthcare (Switzerland) (Vol. 10, Issue 12). MDPI. https://doi.org/10.3390/healthcare10122531
    Search in Google ScholarBack to article
  46. AlGhamdi, S., Win, K. T., & Vlahu-Gjorgievska, E. (2020). Information security governance challenges and critical success factors: Systematic review. Computers and Security, 99. https://doi.org/10.1016/j.cose.2020.102030
    Search in Google ScholarBack to article
  47. Rocha Flores, W., Antonsen, E., & Ekstedt, M. (2014). Information security knowledge sharing in organizations: Investigating the effect of behavioural information security governance and national culture. Computers and Security, 43, 90–110. https://doi.org/10.1016/j.cose.2014.03.004
    Search in Google ScholarBack to article
  48. Angraini, Alias, R. A., & Okfalisa. (2019). Information security policy compliance: Systematic literature review. Procedia Computer Science, 161, 1216–1224. https://doi.org/10.1016/j.procs.2019.11.235
    Search in Google ScholarBack to article
  49. Shaikh, F. A., & Siponen, M. (2023). Information security risk assessments following cybersecurity breaches: The mediating role of top management attention to cybersecurity. Computers and Security, 124. https://doi.org/10.1016/j.cose.2022.102974
    Search in Google ScholarBack to article
  50. Ameen, N., Tarhini, A., Shah, M. H., Madichie, N., Paul, J., & Choudrie, J. (2021). Keeping customers’ data secure: A cross-cultural study of cybersecurity compliance among the Gen-Mobile workforce. Computers in Human Behaviour, 114. https://doi.org/10.1016/j.chb.2020.106531
    Search in Google ScholarBack to article
  51. Yeng, P. K., Szekeres, A., Yang, B., & Snekkenes, E. A. (2021). Mapping the psychosocialcultural aspects of healthcare professionals’ information security practices: Systematic mapping study. JMIR Human Factors, 8(2). https://doi.org/10.2196/17604
    Search in Google ScholarBack to article
  52. Purnomo, Y. J. (2024). Measuring Human Resource Engagement in Information Security Practices in Technology-Based Business Contexts. Technology and Society Perspectives (TACIT), 2(1), 201–207. https://doi.org/10.61100/tacit.v2i1.152
    Search in Google ScholarBack to article
  53. Wiley, A., McCormac, A., Calic, D (2020). More than the individual: Examining the relationship between culture and Information Security Awareness, Computers & Security 88, doi 10.1016/j.cose.2019.101640
    Open DOISearch in Google ScholarBack to article
  54. Iwaya, L. H., Iwaya, G. H., Fischer-Hubner, S., & Steil, A. V. (2022). Organisational Privacy Culture and Climate: A Scoping Review. In IEEE Access (Vol. 10, pp. 73907–73930). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/ACCESS.2022.3190373
    Search in Google ScholarBack to article
  55. Apolinário, S., Yoshikuni, A. C., & Larieira, C. L. C. (2023). Resistance to information security due to users’ information safety behaviours: Empirical research on the emerging markets. In Computers in Human Behaviour (Vol. 145). Elsevier Ltd. https://doi.org/10.1016/j.chb.2023.107772
    Search in Google ScholarBack to article
  56. Pham, H., Brennan, L., & Richardson, J. (2017). Review of Behavioural Theories in Security Compliance and Research Challenge. Proceedings of the 2017 InSITE Conference, 065–076. https://doi.org/10.28945/3722
    Search in Google ScholarBack to article
  57. Borgert, N., Jansen, L., Böse, I., Friedauer, J., Sasse, M. A., & Elson, M. (2024, May 11). Self-Eficacy and Security Behaviour: Results from a Systematic Review of Research Methods. Conference on Human Factors in Computing Systems - Proceedings. https://doi.org/10.1145/3613904.3642432
    Search in Google ScholarBack to article
  58. Rocha Flores, W., & Ekstedt, M. (2016). Shaping intention to resist social engineering through transformational leadership, information security culture and awareness. Computers and Security, 59, 26–44. https://doi.org/10.1016/j.cose.2016.01.004
    Search in Google ScholarBack to article
  59. Mubarkoot, M., Altmann, J., Rasti-Barzoki, M., Egger, B., & Lee, H. (2023). Software Compliance Requirements, Factors, and Policies: A Systematic Literature Review. In Computers and Security (Vol. 124). Elsevier Ltd. https://doi.org/10.1016/j.cose.2022.102985
    Search in Google ScholarBack to article
  60. Paananen, H., Lapke, M., & Siponen, M. (2020). State of the art in information security policy development. In Computers and Security (Vol. 88). Elsevier Ltd. https://doi.org/10.1016/j.cose.2019.101608
    Search in Google ScholarBack to article
  61. Kuppusamy, P., Samy, G. N., Maarop, N., Magalingam, P., Kamaruddin, N., Shanmugam, B., & Perumal, S. (2020). Systematic Literature Review of Information Security Compliance Behaviour Theories. Journal of Physics: Conference Series, 1551(1). https://doi.org/10.1088/1742-6596/1551/1/012005
    Search in Google ScholarBack to article
  62. Marsh, E., Vallejos, E. P., & Spence, A. (2022). The digital workplace and its dark side: An integrative review. In Computers in Human Behaviour (Vol. 128). Elsevier Ltd. https://doi.org/10.1016/j.chb.2021.107118
    Search in Google ScholarBack to article
  63. Suranto S., Suharto S., Harry Indratjahyo H. I. (2022). The Effect of Leadership and Organizational Culture in Increasing Employee Performance with Work Motivation as a Mediation Variable at Coordinating Ministry for Political, Legal and Security Affairs; Journal of Economics, Finance and Management Studies, ISSN (online): 2644-0504, DOI: 10.47191/jefms/v5-i10-26
    Search in Google ScholarBack to article
  64. Tam, T., Rao, A., & Hall, J. (2021). The good, the bad and the missing: A Narrative review of cyber-security implications for australian small businesses. In Computers and Security (Vol. 109). Elsevier Ltd. https://doi.org/10.1016/j.cose.2021.102385
    Search in Google ScholarBack to article
  65. Petrič, G., & Roer, K. (2022). The impact of formal and informal organizational norms on susceptibility to phishing: Combining survey and field experiment data. Telematics and Informatics, 67. https://doi.org/10.1016/j.tele.2021.101766
    Search in Google ScholarBack to article
  66. Liu, L., Tai, H. W., Cheng, K. T., Wei, C. C., Lee, C. Y., & Chen, Y. H. (2022). The Multi-Dimensional Interaction Effect of Culture, Leadership Style, and Organizational Commitment on Employee Involvement within Engineering Enterprises: Empirical Study in Taiwan. Sustainability 2022, 14(16). https://doi.org/10.3390/su14169963
    Search in Google ScholarBack to article
  67. Hoffman, F., & Skovira, R. J. (2020). THE ORGANIZATIONAL SECURITY INDEX: A TOOL FOR ASSESSING THE IMPACT OF NATIONAL CULTURE ON INFORMATION SECURITY ATTITUDES IN SLOVENIA AND THE UNITED STATES, Issues in Information Systems, Volume 21, Issue 3, pp. 95-104, 2020, https://doi.org/10.48009/3_iis_2020_95-104
    Search in Google ScholarBack to article
  68. Zyoud, B., & Lutfi, S. L. (2024). The Role of Information Security Culture in Zero Trust Adoption: Insights From UAE Organizations. IEEE Access, 12, 72420–72444. https://doi.org/10.1109/ACCESS.2024.3402341
    Search in Google ScholarBack to article
  69. Moustafa, A. A., Bello, A., & Maurushat, A. (2021). The Role of User Behaviour in Improving Cyber Security Management. In Frontiers in Psychology (Vol. 12). Frontiers Media S.A. https://doi.org/10.3389/fpsyg.2021.561011
    Search in Google ScholarBack to article
  70. Karjalainen, M., Siponen, M., & Sarker, S. (2020). Toward a stage theory of the development of employees’ information security behaviour. Computers and Security, 93. https://doi.org/10.1016/j.cose.2020.101782
    Search in Google ScholarBack to article
  71. Sutton, A., & Tompson, L. (2024). Towards a cybersecurity culture-behaviour framework: A rapid evidence review. Computers & Security, 148, 104110. https://doi.org/10.1016/j.cose.2024.104110
    Search in Google ScholarBack to article
  72. Murray, G., Falkeling, M., & Gao, S. (2024). Trends and challenges in research into the human aspects of ransomware: a systematic mapping study. In Information and Computer Security. Emerald Publishing. https://doi.org/10.1108/ICS-12-2022-0195
    Search in Google ScholarBack to article
  73. Chen, Y., Xia, W., & Cousins, K. (2022). Voluntary and instrumental information security policy compliance: an integrated view of prosocial motivation, self-regulation and deterrence. Computers and Security, 113. https://doi.org/10.1016/j.cose.2021.102568
    Search in Google ScholarBack to article
  74. Sahin, Z., & Vance, A. (2024). What do we need to know about the Chief Information Security Officer? A literature review and research agenda. In Computers and Security (Vol. 148). Elsevier Ltd. https://doi.org/10.1016/j.cose.2024.104063
    Search in Google ScholarBack to article
  75. Edward L. Deci and Richard M. Ryan. ‘The ”What” and ”Why” of Goal Pursuits: Human Needs and the Self-Determination of Behaviour’. In: Psychological Inquiry 11.4 (2000), pp. 227–268. doi: 10.1207/S15327965PLI1104\01
    Open DOISearch in Google ScholarBack to article
  76. Kim S. Cameron, Robert E. Quinn. ‘Diagnosing and changing organizational culture : based on the competing values framework’, Revised Edition, The Jossey-Bass Business & Management Series, ISBN-13 978-0-7879-8283-6, (2006)
    Search in Google ScholarBack to article
DOI: https://doi.org/10.2478/ijasitels-2024-0017 | Journal eISSN: 2559-365X | Journal ISSN: 2067-354X
Journal RSS Feed
Language: English
Page range: 55 - 77
Published on: Dec 18, 2024
Published by: Lucian Blaga University of Sibiu
In partnership with: Paradigm Publishing Services
Publication frequency: 2 issues per year
Keywords:
Behavioural change,
information security,
organizational culture,
national culture,
Self-Determination Theory
Related subjects:
Computer sciences,
Computer sciences, other,
Business and economics,
Mathematics and statistics for economists,
Mathematics,
Engineering,
Electrical engineering,
Fundamentals of electrical engineering,
Mathematics,
General mathematics

© 2024 Iulia Feraru, Laura Bacali, published by Lucian Blaga University of Sibiu
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License.

Previous articleVolume 14 (2024): Issue 1 (December 2024)Next article