Result: Is Seeing Believing? Training Users on Information Security: Evidence from Java Applets.

Information Security issues are one of the top concerns of CEOs. Accordingly, information systems education and research have addressed security issues. One of the main areas of research is the behavioral issues in Information Security, primarily focusing on users' compliance to information security policies. We contribute to this literature by arguing that proper implementation of security policies requires effective training. Specifically, we argue that adherence to security policies could be improved by using training strategies where written policies are 'shown'. To test our assertion, we use a scenario that users often face when browsing - installation of java applets. Based on previous literature, we identified key antecedents of compliance and tested their effectiveness in an experimental setting. One group of users received guidance from a written policy, whereas the other group was 'shown' the meaning of the written policy in the form of a video. Our contribution is simple yet powerful - effective information security training can be accomplished when users are shown the reasons behind the written policies. In other words, in addition to written policies, it is beneficial to actually 'show' what the policies accomplish. [ABSTRACT FROM AUTHOR]

Copyright of Journal of Information Systems Education is the property of Information Systems & Computing Academic Professionals (ISCAP) and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)