Patching The “Human” in Information Security: Using the Inoculation Defense to Confer Resistance Against Phishing Attacks

Document Type

Conference Proceeding

Publication Date

12-12-2020

Publication Title

SIGHCI 2020 Proceedings

First page number:

1

Last page number:

5

Abstract

The COVID-19 pandemic has transformed the workspace, thrusting countless employees from organizational work settings to their homes, where they work virtually to access key organizational assets through their cyberinfrastructure. This large-scale virtual workforce imposes drastic cybersecurity issues, threats, and challenges to organizations. To onboard and train employees, companies are left with mainly virtual means to deliver SETA training, using two common training approaches: rule-based and mindfulness. Employees are also facing more challenges and distractions at home where practicing rules and mindfulness can become particularly difficult. Drawing on inoculation theory, this study proposes a new training approach to promote higher resiliency and “umbrella protection” against increasing phishing attacks. This study plans to conduct a mobile phishing SETA training field study at an organization to empirically examine the efficacy of the proposed inoculation-based security training method for work-from-home scenarios.

Keywords

Inoculation theory; Resiliency ratio; SETA; ISec; Security training; Phishing; Attack messages

Disciplines

Computer Sciences | Information Security | Physical Sciences and Mathematics

Language

English

