Publication details

Home Publications Publication details

Personalising Security Education ‐ Factors influencing individual awareness and compliance
Vasileiou I, Furnell SM
Information Systems Security and Privacy, Fourth International Conference, ICISSP 2018, Madeira, Portugal, Jaruary 22-24, 2018, Revised Selected Papers, P.Mori, S.Furnell and O.Camp (Eds.), Communications in Computer and Information Science, Springer, 2018

Security education and awareness are frequently overlooked for users
in both workplace and personal contexts, and even where some level of provision
is offered it is rarely done in a manner that is matched specifically to the needs
of the audience. However, by personalising the provision, and making the
presentation and messaging more appropriate to the individuals receiving it, there
is a greater chance of achieving understanding, engagement, and resultant compliance.
This paper examines the gap that exists between the typical and desirable
provision of security education. It highlights baseline areas of security literacy
that ought to be applicable to all users, but then illustrates how variations in individuals’
understanding of threshold concepts could complicate the task of delivering
the related education. It is proposed that security education should be
more tailored, recognising factors such as the user’s role, prior knowledge, learning
style, and current perception of security, in order to deliver a more personalised
security education plan that is framed towards individual circumstances and
can be delivered in a manner that suits their needs.

Vasileiou I, Furnell SM