Cybersecurity Adoption, Awareness, & Training
People and organizations often fail to adopt and effectively use cybersecurity best practices and technologies for a variety of reasons, including poor awareness, lack of knowledge/skill, and personal biases. Those professionals tasked with educating others may likewise face a number of challenges, including lack of resources, support, and skills needed to be effective security communicators.
We are conducting research to better understand current approaches and challenges with cybersecurity awareness and training through the eyes of training professionals within the U.S. government. In the recent past, we have also explored cybersecurity adoption factors and the role of cybersecurity advocates (security professionals who promote and educate people about security best practices) in facilitating adoption.
Current/recent research projects:
Past projects:
- Security advocacy - understanding the skills, characteristics, and professional motivations of cybersecurity advocates
- Security awareness program case study – extended prior work on cybersecurity advocacy to conduct an in-depth case study of advocacy in practice at a federal agency to identify cybersecurity advocate professional attributes and effective advocacy techniques
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
