TY - JOUR
T1 - A systematic review of multi perspectives on human cybersecurity behavior
AU - Alsharida, Rawan A.
AU - Al-rimy, Bander Ali Saleh
AU - Al-Emran, Mostafa
AU - Zainal, Anazida
N1 - Publisher Copyright:
© 2023 Elsevier Ltd
PY - 2023/5/1
Y1 - 2023/5/1
N2 - Although the cornerstones of cybersecurity are technical and data-driven solutions, the human element cannot be disregarded. Understanding users’ behavior is essential to spot security incidents and data breaches. Although previous studies reviewed different angles on cybersecurity behavior, there is still a lack of an overview of the topic through the lenses of cybersecurity theories/models. This systematic review aims to provide multi perspectives on human cybersecurity behavior by evaluating and synthesizing cybersecurity theories/models, independent variables, target variables, moderators, methodologies, participants, units of analysis, technologies/services, countries, and domains. Of 2936 articles collected, 93 studies met the inclusion criteria and were thoroughly analyzed. The main results revealed that the protection motivation theory (PMT) and theory of planned behavior (TPB) were the most common theories in the analyzed literature. 76% of the analyzed studies did not involve a moderator to examine the relationships between predictors and target variables. Most of the studies were conducted at the individual level, mainly involving students and end-users. Social media and mobile devices were the most common tools examined for human cybersecurity behavior. Most of the studies were conducted in the education sector, with a limited number of studies examining the healthcare sector. Behavioral intention and cybersecurity behavior were the primary target/outcome variables in the analyzed studies. The review offers several theoretical contributions and practical implications and provides several research agendas that can be examined in future research.
AB - Although the cornerstones of cybersecurity are technical and data-driven solutions, the human element cannot be disregarded. Understanding users’ behavior is essential to spot security incidents and data breaches. Although previous studies reviewed different angles on cybersecurity behavior, there is still a lack of an overview of the topic through the lenses of cybersecurity theories/models. This systematic review aims to provide multi perspectives on human cybersecurity behavior by evaluating and synthesizing cybersecurity theories/models, independent variables, target variables, moderators, methodologies, participants, units of analysis, technologies/services, countries, and domains. Of 2936 articles collected, 93 studies met the inclusion criteria and were thoroughly analyzed. The main results revealed that the protection motivation theory (PMT) and theory of planned behavior (TPB) were the most common theories in the analyzed literature. 76% of the analyzed studies did not involve a moderator to examine the relationships between predictors and target variables. Most of the studies were conducted at the individual level, mainly involving students and end-users. Social media and mobile devices were the most common tools examined for human cybersecurity behavior. Most of the studies were conducted in the education sector, with a limited number of studies examining the healthcare sector. Behavioral intention and cybersecurity behavior were the primary target/outcome variables in the analyzed studies. The review offers several theoretical contributions and practical implications and provides several research agendas that can be examined in future research.
KW - Avoidance motivation
KW - Compliance behavior
KW - Cybersecurity awareness
KW - Cybersecurity behavior
KW - Systematic review
UR - http://www.scopus.com/inward/record.url?scp=85153675475&partnerID=8YFLogxK
U2 - 10.1016/j.techsoc.2023.102258
DO - 10.1016/j.techsoc.2023.102258
M3 - Article
AN - SCOPUS:85153675475
SN - 0160-791X
VL - 73
JO - Technology in Society
JF - Technology in Society
M1 - 102258
ER -