Title
Patching The “Human” in Information Security: Using the Inoculation Defense to Confer Resistance Against Phishing Attacks
Document Type
Conference Proceeding
Publication Date
12-12-2020
Publication Title
SIGHCI 2020 Proceedings
First page number:
1
Last page number:
5
Abstract
The COVID-19 pandemic has transformed the workspace, thrusting countless employees from organizational work settings to their homes, where they work virtually to access key organizational assets through their cyberinfrastructure. This large-scale virtual workforce imposes drastic cybersecurity issues, threats, and challenges to organizations. To onboard and train employees, companies are left with mainly virtual means to deliver SETA training, using two common training approaches: rule-based and mindfulness. Employees are also facing more challenges and distractions at home where practicing rules and mindfulness can become particularly difficult. Drawing on inoculation theory, this study proposes a new training approach to promote higher resiliency and “umbrella protection” against increasing phishing attacks. This study plans to conduct a mobile phishing SETA training field study at an organization to empirically examine the efficacy of the proposed inoculation-based security training method for work-from-home scenarios.
Keywords
Inoculation theory; Resiliency ratio; SETA; ISec; Security training; Phishing; Attack messages
Disciplines
Computer Sciences | Information Security | Physical Sciences and Mathematics
Language
English
Repository Citation
Wu, D.,
Zhang, J.,
Brown, N.,
Lowry, P. B.,
Moody, G. D.
(2020).
Patching The “Human” in Information Security: Using the Inoculation Defense to Confer Resistance Against Phishing Attacks.
SIGHCI 2020 Proceedings
1-5.