A Review of the Impact of Training on Cybersecurity Awareness

Main Article Content

Ahmed Alruwaili


This study aimed to review the studies carried out on the impact of training on cybersecurity awareness. Various databases were searched for keywords ‘cybersecurity & training’, ‘cybersecurity & training & impact’ and ‘cybersecurity awareness & training.’ These studies were also shortlisted as per the year of publication. The review found that during recent years, the increasing use of the Internet in professional and private spheres has led to an explosion in the rate of cybercrime across the world. Training on cybersecurity awareness has seen a mixed impact, with some studies claiming that such training has limited results. Some authors have talked about the customisation of training programs for effective cybersecurity awareness generation.


Download data is not yet available.

Article Details



Alotaibi, F., Furnell, S., Stengel, I., & Papadaki, M. (2016). A Review of Using Gaming Technology for Cyber-Security Awareness. International Journal of Information Security Research (IJISR), 6(2), 660-666.

Aloul, F.A. (2012). The Need for Effective Information Security Awareness. Journal of Advances in Information Technology, 3(3), 176-183.

Al-Daeef, M.M., Basir, N., & Saudi, M.M. (2017). Security Awareness Training: A Review. In Proceedings of the World Congress on Engineering. London, U.K.

Bada, M., Sasse, A. M., & Nurse, J. R. (2019). Cyber security awareness campaigns: Why do they fail to change behaviour?. arXiv preprint arXiv:1901.02672.

Ghazvini, A., & Shukur, Z. (2016). Awareness Training Transfer and Information Security Content Development for Healthcare Industry. (IJACSA) International Journal of Advanced Computer Science and Applications, 7(5), 361-370.

Jin, G., Tu, M., Kim, T-H., Heffron, J., & White, J. (2018). Evaluation of Game-Based Learning in Cybersecurity Education for High School Students. Journal of Education and Learning (EduLearn), 12(1), 150-158.

Landress, A.D., Parrish, J., & Terrell, S. (2017). Resiliency as an Outcome of SETA Programs. In Twenty-third Americas Conference on Information Systems. Boston, MA.

McBride, M., Carter, L., & Warkentin, M. (2012). One Size Doesn’t Fit All: Cybersecurity Training Should Be Customized. Institute for Homeland Security Solutions. Retrieved from https://sites.duke.edu/ihss/files/2011/12/CyberSecurity_2page-summary_mcbride- 2012.pdf

Michalsky, R.J. (2013). Raising Cyber Security Awareness for Healthcare Professionals. Retrieved from http://www.njvc.com/sites/default/files/white%20papers/Cyber_Security_Awareness_in_ Healthcare.pdf

Miranda, M.J.A. (2018). Enhancing Cybersecurity Awareness Training: A Comprehensive Phishing Exercise Approach. International Management Review, 14(2), 5-10.

Muhirwe, J. & White, N. (2016). Cybersecurity Awareness and Practice of Next Generation Corporate Technology Users. Issues in Information Systems, 17(II), 183-192.

[13] Nilsen, R., Levy, Y., Terrell, S., & Beyer, D. (2017). A Developmental Study on Assessing the Cybersecurity Competency of Organizational Information System Users.

Proctor, W.R. (2016). Investigating the Efficacy of Cybersecurity Awareness Training Programs (Unpublished master’s thesis). Utica College, New York.