To read this content please select one of the options below:

Effects on employees' information security abilities by e‐learning

Janne Merete Hagen (Gjøvik University College, Gjøvik, Norway)
Eirik Albrechtsen (SINTEF Technology and Society, Safety Research, Trondheim, Norway)

Information Management & Computer Security

ISSN: 0968-5227

Article publication date: 20 November 2009

2280

Abstract

Purpose

The purpose of this paper is to measure and discuss the effects of an e‐learning tool aiming at improving the information security knowledge, awareness, and behaviour of employees.

Design/methodology/approach

The intervention study has a pre‐ and post‐assessment of knowledge and attitudes among employees. In total, 1,897 employees responded to a survey before and after the intervention. The population is divided into an intervention group and a control group, where the only thing that separates the groups is participation in the intervention (i.e. the e‐learning tool).

Findings

The study documents significant short‐time improvements in security knowledge, awareness, and behavior of members of the intervention group.

Research limitations/implications

The study looks at short‐time effects of the intervention. The paper has done a follow‐up study of the long‐term effects, which is also submitted to Information Management & Computer Security.

Practical implications

The study can document that software that support Information Security Awareness programs have a short‐time effect on employees' knowledge, behaviour, and awareness; more interventions studies, following the same principles as presented in this paper, of other user‐directed measures are needed, to test and document the effects of different measures.

Originality/value

The paper is innovative in the area of information security research as it shows how the effects of an information security intervention can be measured.

Keywords

Citation

Merete Hagen, J. and Albrechtsen, E. (2009), "Effects on employees' information security abilities by e‐learning", Information Management & Computer Security, Vol. 17 No. 5, pp. 388-407. https://doi.org/10.1108/09685220911006687

Publisher

:

Emerald Group Publishing Limited

Copyright © 2009, Emerald Group Publishing Limited

Related articles