Link Search Menu Expand Document
Publications

This is the mobile-friendly web version of the original article.

CYBERSECURITY - CREATING A CYBERSECURITY CULTURE

California State University, San Bernardino - CSUSB ScholarWorks

Electronic Theses, Projects and Dissertations, Office of Graduate Studies

8-2021

Steven Edward Ogden

California State University - San Bernardino

Video: California State University San Bernardino

Recommended Citation Ogden, Steven Edward, “CYBERSECURITY: CREATING A CYBERSECURITY CULTURE” (2021). Electronic Theses, Projects, and Dissertations. 1284. https://scholarworks.lib.csusb.edu/etd/1284

This Project is brought to you for free and open access by the Office of Graduate Studies at CSUSB ScholarWorks. It has been accepted for inclusion in Electronic Theses, Projects, and Dissertations by an authorized administrator of CSUSB ScholarWorks. For more information, please contact [email protected].

  1. ABSTRACT
  2. LIST OF TABLES
  3. LIST OF FIGURES

CYBERSECURITY: CREATING A CYBERSECURITY CULTURE

A Project Presented to the Faculty of California State University, San Bernardino

In Partial Fulfillment of the Requirements for the Degree Master of Science in Information Systems Technology

by Steven Ogden August 2021

ABSTRACT

Human error has been identified as one of the highest contributing factors to successful cyber-attacks and security incidents that result in data leaks and theft of sensitive information. Human error has been caused by employees not behaving securely when interacting with information systems. This culminating experience project investigated how a cybersecurity culture can be developed to address the human error problem. The research was based on several key questions that focus on influencing factors of human behavior and best practices that have been used to develop a cybersecurity culture so that employees engage in secure behaviors. Social Cognitive Theory was used to guide research focusing on environmental and cognitive factors that influence human behavior and best practices for developing a cybersecurity culture were identified through recent case studies. Key findings include: 1) environmental factors such as social-proximity, subjective norms, and descriptive norms, 2) cognitive factors such as self-efficacy, knowledge, and experience, and 3) several different best practices. Based on the results, this study provides recommendations to the US government for building a cybersecurity culture.

LIST OF TABLES

  • Table 1: List and Definitions of Cyber Threat Actors

  • Table 2: Overview of Research Methods and Publications

LIST OF FIGURES

  • Figure 1.1 Percentage of Organizations Compromised from 2016-2021

  • Figure 1.2 Cybersecurity Effectiveness Barriers

  • Figure 4.1 Factors of Compliant Behavior

Table of contents