Anawar, Syarulnaziah and Kunasegaran, Durga L. and Mas'ud, Mohd Zaki and Zakaria, Nurul Azma (2019) Analysis Of Phishing Susceptibility In A Workplace: A Big-Five Personality Perspectives. Journal of Engineering Science and Technology, 14 (5). pp. 2865-2882. ISSN 1823-4690
Text
MAIN_AUTHOR-ANALYSIS_OF_PHISHING_SUSCEPTIBILITY_IN_A_WORKPLACE.PDF Download (600kB) |
Abstract
Employee is frequently referred to as the weakest link in the cyber security in an organization. Differences in the employees’ personality makes it hard for any organization to design a proper mitigation strategy in order to prevent them from being a victim of phishing attack. Besides, users’ general life experience and technological experience will also influence the type of user’s personality traits while handling or interacting with the security system, which affects their susceptibility towards phishing. The objective of this paper is to examine the personality traits that influence phishing susceptibility among employees in a workplace, and to investigate the influence of employees’ experience in shaping employees’ personality and consequently their behaviour in resisting phishing attack. This study used quantitative method. A survey (N = 252) of employees in mid-sized IT related companies in Malaysia attempted to identify individual’s characteristics that relate to phishing susceptibility and characterize the higherrisk employees that pose threats to the companies. This paper presents three notable findings. First, the results of correlation analysis emphasized the importance of employees’ technical and general experience in shaping their personality to resist phishing attack. Secondly, the results of correlation analysis show that conscientiousness and self-monitoring personality traits were positively related with employee’s secure behaviour towards phishing threats. Finally, this study concluded that extroversion personality had the strongest influence towards phishing susceptibility, followed by self-monitoring, agreeableness and conscientiousness. The findings suggest that there is an inverse influence between personality traits (independent variables) and user behaviour (dependent variable). The proposed framework is useful for research attempting to shift concern on human factors in order to help organization improving employees’ cyber security compliance
Item Type: | Article |
---|---|
Uncontrolled Keywords: | Cyber security, Personality, Phishing, Social Engineering |
Divisions: | Faculty of Information and Communication Technology > Department of System and Computer Communication |
Depositing User: | Norfaradilla Idayu Ab. Ghafar |
Date Deposited: | 03 Dec 2020 11:50 |
Last Modified: | 03 Dec 2020 11:50 |
URI: | http://eprints.utem.edu.my/id/eprint/24296 |
Statistic Details: | View Download Statistic |
Actions (login required)
View Item |