Organizations need help keeping their infrastructure and data secure because cybercrimes and cyberattacks are rising. It is known that the highest risk to any organization is the risk that end users present (Aljeaid, 2020; Yuan, 2021). The problem to be addressed in this study is that end-user employees' behavior remains the biggest reason for…

The purpose of this generic qualitative inquiry research study is to examine the features that need to be improved in self-paced cybersecurity awareness training to educate retail employees to identify phishing attacks. Malicious phishing attacks are a significant threat to retail corporations' business operations and confidential data. Employees'…

This dissertation addresses the problem of practice of the high rate of employees in financial organizations clicking on phishing links, positioning their companies at risk of a data incident or breach. The financial sector was the most breached industry in 2022 (Schwartz, 2022) and was impacted the most by malicious phishing emails (Trellix…

This phenomenological study's objective was to review the existing initiatives for cybersecurity awareness and training that are in place for the K-12 education system throughout the United States. Every facet of life is now plagued by the potential, perceived, and real threat of cyber warfare, which includes, but is not limited to, K-12 schools…

Organizations face many cybersecurity threats. Among those threats, social engineering attacks such as phishing stand out as a constant and costly struggle. The primary tools for combating social engineering are information security policy (ISP) and security awareness training (SAT), which seek to inform users of the threat of social engineering,…

The frequency of cyberattacks against governments has increased at an alarming rate and the lack of user awareness and knowledge of cybersecurity has been considered a contributing factor to the increase in cyberattacks and cyberthreats. The purpose of this quantitative experimental study was to explore the role and effectiveness of employee…

There is increasing competitive pressure on organizations as they battle frequent, costly, and complex cyber-attacks that seek to undermine the security, and availability of their computing systems. The problem is that people are said to be the weakest link in the security chain, so companies have made significant investments to safeguard their…

Academic institutions hold important information about students, faculty, and staff members. Hackers target academic institutions to access this information for criminal activities such as identity theft. This study was conducted to examine information confidentiality and cybersecurity in academic institutions. It targeted employees' training…

A high number of cyber breaches in organizations occur as a result of email phishing attempts. Research has shown that cyber education has a positive impact in user awareness of attack methods resulting in the reduction of compromises from email phishing attempts. However, in some instances, cyber education does not have a positive impact on the…

Cybersecurity awareness training plays a vital role for organizations in guaranteeing resources' availability. Sufficient education regarding security awareness necessitates relating both the scope and importance of the training. This research determines the correlation between an employee's risk score and the effectiveness of AI-based security…

Phishing has become a preferred method among cyber criminals looking to gain access to confidential information. Although most businesses and governmental organizations provide employees with some sort of cyber security training, there is a lack of research examining whether such training methods work to actually reduce susceptibility to…

Data breaches due to social engineering attacks and employee negligence are on the rise. The only known defense against social engineering attacks and employee negligence is information security awareness and training. However, implementation of awareness and training programs within organizations are lagging in priority. This research used the…

There has been a significant growth of portable devices capable of storing both personal data as well as sensitive organizational data. This growth of these portable devices has led to an increased threat of cyber-criminal activity. The purpose of this study was to gain a better understanding of security threats to the data assets of organizations…

There is a lack of literature linking end-user behavior to the availability of open-source intelligence (OSINT). Most OSINT literature has been focused on the use and assessment of open-source intelligence, not the proliferation of personally or organizationally identifiable information (PII/OII). Additionally, information security studies have…

Cyber-security involves the monitoring a complex network of inter-related computers to prevent, identify and remediate from undesired actions. This work is performed in organizations by human analysts. These analysts monitor cyber-security sensors to develop and maintain situation awareness (SA) of both normal and abnormal activities that occur on…