This paper delves into the realm of Cyber Security Awareness Campaigns, with a specific focus on identifying critical factors that may hinder their effectiveness in driving behavioral change. Despite past and ongoing efforts to enhance information security practices and foster a secure society, the desired impact has often remained elusive. Therefore, it is essential to engage in a critical examination of the challenges associated with improving information security behaviors among citizens, consumers, and employees.
The study approaches these challenges from a psychological perspective, recognizing that understanding how individuals perceive risks plays a pivotal role in shaping effective awareness campaigns. Effecting behavioral change necessitates more than just providing information about risks and reactive measures. It involves enabling people to comprehend and implement the advice and, equally importantly, motivating them to do so. This motivation entails shifts in attitudes and intentions, elements that are fundamental to behavior change and are encompassed in various psychological models.
The paper also evaluates the suitability of persuasion techniques, including the commonly employed ‘fear appeals.’ Drawing from a diverse range of literature, the study extracts essential components for a successful awareness campaign and delineates factors that can influence the campaign’s outcomes, either positively or negatively.
In closing, the paper provides insights into existing awareness campaigns in different cultural contexts, exemplified by the UK and Africa, offering valuable reflections and considerations in the realm of cyber security awareness.