The critical success factors for Security Education, Training and Awareness (SETA) programme effectiveness: a lifecycle model

cbnd
Thumbnail Image
Files
AlyamiA_PhD2023.pdf(3.97 MB)
Full Text E-thesis
Date
2023-01-09
Authors
Alyami, Areej
Journal Title
Journal ISSN
Volume Title
Publisher
University College Cork
Published Version
Research Projects
Organizational Units
Journal Issue
Abstract
Security Education, Training, and Awareness (SETA) programmes are one of the most important cybersecurity strategies to protect the valuable assets of any organisation, raise awareness, change behaviour, comply with Information Systems (IS) security policy, and minimises IS security threats. The significance of SETA programmes is widely accepted by both academics and practitioners. However, more research is needed to improve SETA programme effectiveness in organisations. A review of the relevant IS/cyber security literature reveals a lack of research into the Critical Success Factors (CSFs) for SETA programme effectiveness. Therefore, this research study explores the CSFs for SETA programme effectiveness. A multi-stage research design is adopted for this research study. Stage One involves the gathering and analysis of lived experiences (using semi-structured interviews) from 20 key expert informants. Emerging from this stage are 11 CSFs for SETA programme effectiveness. These CSFs are mapped along the phases of the SETA programme lifecycle (design, development, implementation, evaluation). Furthermore, 9 relationships between these CFSs are identified (both within and across the lifecycle phases). This research output is a Lifecycle Model of CSFs for SETA programme effectiveness. Stage Two of this research involves an evaluation of the importance of the 11 CSFs for SETA programme effectiveness (emerging from stage one). This evaluation is achieved through administering a short online survey questionnaire (completed by 65 respondents - IS/cyber security professionals) and a series of follow-up probing interviews (with 9 IS/cyber security professionals – 4 key informants for stage one, and 5 survey respondents for stage two). Emerging from this stage is a ranked list of CSFs and 5 guiding principles to overcome the challenges of delivering an effective SETA programme. This research output is an evaluated Lifecycle Model of CSFs for SETA programme effectiveness. Overall, this research provides a depth of insight contributing to both theory and practice and lays the foundation for further research.
Description
Keywords
Cyber security , SETA programme , Awareness , Life cycle model , CSFs
Citation
Alyami, A. 2023. The critical success factors for Security Education, Training and Awareness (SETA) programme effectiveness: a lifecycle model. PhD Thesis, University College Cork.
Link to publisher’s version
URI
https://hdl.handle.net/10468/14507
Collections
Research Theses Submission
Business Information Systems - Doctoral Theses
College of Business and Law - Doctoral Theses
Copyright
© 2023, Areej Alyami.