The formation of a ‘security culture’ is often identified as a goal amongst institutions and organisations, but the term itself is not easy to define or break down into its constituent components. In this research area we examine perspectives and factors which influence security behaviours and, thus, security culture. From an  individual level, to the organisation, the sector and the national level, culture, patterns of thought, and behaviours are influenced and shaped. 

Higher Education Institutes (HEIs), in particular, constitute an environment with its own characteristics. In general, the education sector is considered to have a poor security culture compared to the industry, and security culture related perceptions have been relatively less studied in HEIs.  

Another angle of security culture is the influence of national culture dimensions. These dimensions indicatively include power-distance, norms of communication and confrontation, levels of individualism, uncertainty avoidance, time perceptions, leadership styles and more. These variables are shown to influence security behaviours individually and within groups.  

The main underlying question in this topic is how we can utilise the aforementioned factors for raising security awareness, changing security behaviours, and creating habits in a customised, optimised fashion, i.e. in a way that individuals are more likely to adopt secure behaviours.   

• Konstantinos Mersinas (ISG) 
• Dawn Watling (Psychology) 
• Tai Durojaiye (PhD student, ISG) 
• Zuzana Bitterova (PhD student, ISG) 

Partners  

The research approach is supported by KnowBe4. 

Funding 

National Cyber Security Centre (NCSC): Define and deliver scoping studies for further research into securing UK Higher Education Institutions (HEIs).

Durojaiye, T., Mersinas, K. and Watling, D., 2011. What Influences People’s View of Cyber Security Culture in Higher Education Institutions? An Empirical Study. 

Cyber Behavior Change: the need for ethics in behavioral interventions [under submission]