Graduation Year

2019

Document Type

Dissertation

Degree

Ph.D.

Degree Name

Doctor of Philosophy (Ph.D.)

Degree Granting Department

Psychology

Major Professor

Michael D. Coovert, Ph.D.

Co-Major Professor

Chad Dubé, Ph.D.

Committee Member

Walter C. Borman, Ph.D.

Committee Member

Stephen E. Stark, Ph.D.

Committee Member

Logan M. Steele, Ph.D.

Keywords

cyber-security, phishing susceptibility, signal detection theory, training evaluation

Abstract

With the increasing amount of digital storage of personal and organizational data, there has been an increasing number of cyber-attacks, which has spurred much research on how to reduce phishing susceptibility. However, there are several gaps in the current research. There is little research on the effectiveness of different interventions on phishing susceptibility. There is no research on the differential impact of interventions on sensitivity (ability to detect phishing emails) and response bias (propensity to treat emails as threatening) or the influence of individual characteristics on phishing email training success. This study addresses these gaps using a quasi-experimental approach to evaluate a cyber-awareness training using Signal Detection Theory (SDT) to measure phishing susceptibility on an organizational sample at the Texas Department of Transportation (TxDOT). Informational approaches to training were effective in reducing phishing email susceptibility, however fear-appeals were not effective. Sensitivity and response bias were differentially impacted by the informational approach to cyber-awareness training. Cognitive ability predicted starting phishing email susceptibility and affective and utility reactions predicted training success. Implications and directions for future research are discussed.

Download

Share

COinS