The study examines the influence of implicit beliefs on cybersecurity behaviour among employees in German organizations. We address a significant gap in the existing literature related to companies‘ struggle to implement effective cybersecurity defence strategies. Despite recognizing cybercrime as a significant threat, many organizations, particularly small and medium-sized enterprises (SMEs), fail to implement adequate protective measures. Additionally, we also address a significant gap in understanding how unconscious attitudes may influence the attitude of employees towards cybersecurity. As analytical method to gain insights in the response behaviour of employees, we use the Single Category Implicit Association Test (SC-IAT) and a questionnaire. On the basis of the Fogg Behavior Model (FBM), we investigate the behaviour of the employees and the effects of their unconscious attitudes.
Our key findings reveal that employees' implicit attitudes significantly diverge from their explicit statements about cybersecurity. With our results we demonstrate that implicit beliefs may cause a critical vulnerability in cybersecurity when it is not detected or neglected. Our research contributes to understanding the psychological mechanisms underlying cybersecurity behaviour.
©
Photo Credit:
viarami / pixabay.com
Working Paper No. 8: The effect of implicit beliefs on cybersecurity
Despite recognizing cyber threats, many German companies struggle with effective defence strategies. Using an Implicit Association Test (SC-IAT), we find that employees' implicit beliefs often conflict with their explicit statements. This gap reveals critical vulnerabilities, highlighting the need to understand the psychological factors influencing cybersecurity behaviour.
