A Systematic Literature Review of Cybersecurity Scales Assessing Information Security Awareness

Overview

Journal Heliyon

Specialty Social Sciences

Date 2023 Mar 20

PMID 36938452

Authors

Rohani Rohan

Debajyoti Pal

Jari Hautamaki

Suree Funilkul

Wichian Chutimaskul

Himanshu Thapliyal

Affiliations

Soon will be listed here.

Abstract

Information Security Awareness (ISA) is a significant concept that got considerable attention recently and can assist in minimizing the risks associated with information security breaches. Several measurement scales have been developed in this regard, as measuring users' ISA is paramount. Although ISA specific scales are very important, yet what methodological rigor they use in terms of initial conceptualization of ISA, data collection and analysis during the development, and scale validation of such scales are some unknown aspects. Therefore, we provide a comprehensive review of the existing ISA specific scales to address all the above concerns. A popular method, PRISMA, is utilized, and a total of 24 articles that match with criteria of this research are included for the final in-depth analysis. Also, a holistic evaluation framework is developed containing three phases and 19 criteria. Findings revealed that most studies treat ISA as a multi-dimensional construct, and ISA researchers rarely conduct both pilot testing and pre-text evaluation while validating and refining the initial scales. Additionally, several articles did not report some of the essential elements used for checking the rigor of factor analysis, and evidence for validities of the identified scales is inadequate. Consequently, existing ISA specific scales must be improved both in terms of the methodological thoroughness of the scale development procedure and their validities. Moreover, not only justifying why the development of a new scale is necessary, but also improving the quality of the existing scales by doing multiple iterations is significant in the future. Likewise, the inclusion of all the dimensions of ISA, while generating the initial items pool is an important aspect to be considered. A thorough discussion, recommendations for future research, conclusions, and study limitations are provided.

References

Norris M, Lecavalier L . Evaluating the use of exploratory factor analysis in developmental disability psychological research. J Autism Dev Disord. 2009; 40(1):8-20. DOI: 10.1007/s10803-009-0816-2. View

Hadlington L . Human factors in cybersecurity; examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviours. Heliyon. 2017; 3(7):e00346. PMC: 5501883. DOI: 10.1016/j.heliyon.2017.e00346. View

Morgado F, Meireles J, Neves C, Amaral A, Ferreira M . Scale development: ten main limitations and recommendations to improve future research practices. Psicol Reflex Crit. 2020; 30(1):3. PMC: 6966966. DOI: 10.1186/s41155-016-0057-1. View

Goretzko D . Factor Retention in Exploratory Factor Analysis With Missing Data. Educ Psychol Meas. 2022; 82(3):444-464. PMC: 9014734. DOI: 10.1177/00131644211022031. View

Keshavarzi M, Ghaffary H . An ontology-driven framework for knowledge representation of digital extortion attacks. Comput Human Behav. 2022; 139:107520. PMC: 9557090. DOI: 10.1016/j.chb.2022.107520. View

Liberati A, Altman D, Tetzlaff J, Mulrow C, Gotzsche P, Ioannidis J . The PRISMA statement for reporting systematic reviews and meta-analyses of studies that evaluate health care interventions: explanation and elaboration. J Clin Epidemiol. 2009; 62(10):e1-34. DOI: 10.1016/j.jclinepi.2009.06.006. View

Bukauskas L, Brilingaite A, Juozapavicius A, Lepaite D, Ikamas K, Andrijauskaite R . Remapping cybersecurity competences in a small nation state. Heliyon. 2023; 9(1):e12808. PMC: 9852642. DOI: 10.1016/j.heliyon.2023.e12808. View

Jackson D, Gillaspy J, Purc-Stephenson R . Reporting practices in confirmatory factor analysis: an overview and some recommendations. Psychol Methods. 2009; 14(1):6-23. DOI: 10.1037/a0014694. View

Boateng G, Neilands T, Frongillo E, Melgar-Quinonez H, Young S . Best Practices for Developing and Validating Scales for Health, Social, and Behavioral Research: A Primer. Front Public Health. 2018; 6:149. PMC: 6004510. DOI: 10.3389/fpubh.2018.00149. View

10.

King-Kallimanis B, Oort F, Nolte S, Schwartz C, Sprangers M . Using structural equation modeling to detect response shift in performance and health-related quality of life scores of multiple sclerosis patients. Qual Life Res. 2011; 20(10):1527-40. PMC: 3220820. DOI: 10.1007/s11136-010-9844-9. View

11.

Ayyoub H, Alahmad A, Al-Serhan A, Al-Abdallat M, Al-Muheisen E, Boshmaf H . Awareness of electronic crimes related to E-learning among students at the University of Jordan. Heliyon. 2022; 8(10):e10897. PMC: 9568858. DOI: 10.1016/j.heliyon.2022.e10897. View

12.

Alzubaidi A . Measuring the level of cyber-security awareness for cybercrime in Saudi Arabia. Heliyon. 2021; 7(1):e06016. PMC: 7841324. DOI: 10.1016/j.heliyon.2021.e06016. View