{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,13]],"date-time":"2026-07-13T18:04:31Z","timestamp":1783965871307,"version":"3.55.0"},"reference-count":52,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,6,15]],"date-time":"2026-06-15T00:00:00Z","timestamp":1781481600000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Computers &amp; Security"],"published-print":{"date-parts":[[2026,11]]},"DOI":"10.1016\/j.cose.2026.105004","type":"journal-article","created":{"date-parts":[[2026,6,8]],"date-time":"2026-06-08T23:25:48Z","timestamp":1780961148000},"page":"105004","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["Impact of employee cybersecurity training on knowledge of best practice for secure passwords and use of public Wi-Fi"],"prefix":"10.1016","volume":"170","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1965-842X","authenticated-orcid":false,"given":"Anna","family":"Cartwright","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0194-9368","authenticated-orcid":false,"given":"Edward","family":"Cartwright","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"78","reference":[{"issue":"1","key":"10.1016\/j.cose.2026.105004_b1","doi-asserted-by":"crossref","first-page":"100","DOI":"10.51594\/csitrj.v5i1.708","article-title":"Cybersecurity awareness and education programs: a review of employee engagement and accountability","volume":"5","author":"Abrahams","year":"2024","journal-title":"Comput. Sci. IT Res. J."},{"issue":"1","key":"10.1016\/j.cose.2026.105004_b2","doi-asserted-by":"crossref","first-page":"tyy006","DOI":"10.1093\/cybsec\/tyy006","article-title":"A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate","volume":"4","author":"Agrafiotis","year":"2018","journal-title":"J. Cybersecur."},{"issue":"3","key":"10.1016\/j.cose.2026.105004_b3","doi-asserted-by":"crossref","first-page":"73","DOI":"10.3390\/fi11030073","article-title":"Reviewing cyber security social engineering training and awareness programs\u2014Pitfalls and ongoing issues","volume":"11","author":"Aldawood","year":"2019","journal-title":"Futur. Internet"},{"issue":"12","key":"10.1016\/j.cose.2026.105004_b4","doi-asserted-by":"crossref","first-page":"2175","DOI":"10.3390\/sym15122175","article-title":"Exploring cybersecurity education and training techniques: a comprehensive review of traditional, virtual reality, and augmented reality approaches","volume":"15","author":"Alnajim","year":"2023","journal-title":"Symmetry"},{"key":"10.1016\/j.cose.2026.105004_b5","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2020.102003","article-title":"Developing cybersecurity culture to influence employee behavior: A practice perspective","volume":"98","author":"Alshaikh","year":"2020","journal-title":"Comput. Secur."},{"key":"10.1016\/j.cose.2026.105004_b6","doi-asserted-by":"crossref","first-page":"437","DOI":"10.1016\/j.chb.2016.12.040","article-title":"Gender difference and employees\u2019 cybersecurity behaviors","volume":"69","author":"Anwar","year":"2017","journal-title":"Comput. Hum. Behav."},{"key":"10.1016\/j.cose.2026.105004_b7","doi-asserted-by":"crossref","first-page":"73","DOI":"10.2147\/JMDH.S183275","article-title":"Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization","author":"Arain","year":"2019","journal-title":"J. Multidiscip. Heal."},{"key":"10.1016\/j.cose.2026.105004_b8","series-title":"Cyber security awareness campaigns: Why do they fail to change behaviour?","author":"Bada","year":"2019"},{"issue":"12","key":"10.1016\/j.cose.2026.105004_b9","doi-asserted-by":"crossref","DOI":"10.1371\/journal.pone.0224216","article-title":"Informing, simulating experience, or both: A field experiment on phishing risks","volume":"14","author":"Baillon","year":"2019","journal-title":"PLoS One"},{"key":"10.1016\/j.cose.2026.105004_b10","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2021.102490","article-title":"Ransomware: Recent advances, analysis, challenges and future research directions","volume":"111","author":"Beaman","year":"2021","journal-title":"Comput. Secur."},{"issue":"2","key":"10.1016\/j.cose.2026.105004_b11","doi-asserted-by":"crossref","first-page":"199","DOI":"10.1016\/j.econlet.2004.07.012","article-title":"Gender and overconfidence","volume":"86","author":"Bengtsson","year":"2005","journal-title":"Econom. Lett."},{"key":"10.1016\/j.cose.2026.105004_b12","first-page":"1","article-title":"A comprehensive survey of social engineering attacks: Taxonomy of attacks, prevention, and mitigation strategies","author":"Birthriya","year":"2024","journal-title":"J. Appl. Secur. Res."},{"key":"10.1016\/j.cose.2026.105004_b13","first-page":"92","article-title":"Cyber security in the workplace: Understanding and promoting behaviour change","author":"Blythe","year":"2013","journal-title":"Proc. CHItaly"},{"issue":"1","key":"10.1016\/j.cose.2026.105004_b14","article-title":"Exploring age and gender differences in ICT cybersecurity behaviour","volume":"2022","author":"Branley-Bell","year":"2022","journal-title":"Hum. Behav. Emerg. Technol."},{"issue":"3","key":"10.1016\/j.cose.2026.105004_b15","doi-asserted-by":"crossref","first-page":"965","DOI":"10.1007\/s10796-021-10119-7","article-title":"Risk taking behaviors using public wi-fi\u2122","volume":"24","author":"Choi","year":"2022","journal-title":"Inf. Syst. Front."},{"key":"10.1016\/j.cose.2026.105004_b16","doi-asserted-by":"crossref","DOI":"10.1016\/j.cosrev.2021.100361","article-title":"Cyber security training for critical infrastructure protection: A literature review","volume":"40","author":"Chowdhury","year":"2021","journal-title":"Comput. Sci. Rev."},{"key":"10.1016\/j.cose.2026.105004_b17","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2019.101568","article-title":"The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures","volume":"87","author":"Connolly","year":"2019","journal-title":"Comput. Secur."},{"key":"10.1016\/j.cose.2026.105004_b18","series-title":"Only 1 in 10 workers remembers all their cyber security training","author":"CybSafe","year":"2023"},{"issue":"4","key":"10.1016\/j.cose.2026.105004_b19","doi-asserted-by":"crossref","first-page":"4729","DOI":"10.1007\/s10639-021-10806-7","article-title":"Cybersecurity awareness enhancement: a study of the effects of age and gender of thai employees associated with phishing attacks","volume":"27","author":"Daengsi","year":"2022","journal-title":"Educ. Inf. Technol."},{"key":"10.1016\/j.cose.2026.105004_b20","doi-asserted-by":"crossref","unstructured":"DeCusatis, Casimer, Alvarico, Erin, Dirahoui, Omar, 2022. Gamification of cybersecurity training. In: Proceedings of the 1st International Workshop on Gamification of Software Development, Verification, and Validation. pp. 10\u201313.","DOI":"10.1145\/3548771.3561409"},{"key":"10.1016\/j.cose.2026.105004_b21","series-title":"Cyber security behaviour in organisations","author":"Ertan","year":"2020"},{"key":"10.1016\/j.cose.2026.105004_b22","series-title":"Cyber Security Training in Small to Medium-Sized Enterprises (SMEs): Exploring Organisation Culture and Employee Training Needs","author":"Fagbule","year":"2023"},{"key":"10.1016\/j.cose.2026.105004_b23","doi-asserted-by":"crossref","unstructured":"Glas, Magdalena, Vielberth, Manfred, Pernul, Guenther, 2023. Train as you fight: Evaluating authentic cybersecurity training in cyber ranges. In: Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems. pp. 1\u201319.","DOI":"10.1145\/3544548.3581046"},{"key":"10.1016\/j.cose.2026.105004_b24","doi-asserted-by":"crossref","first-page":"238","DOI":"10.1016\/j.cose.2018.09.009","article-title":"Design recommendations for online cybersecurity courses","volume":"80","author":"Gonz\u00e1lez-Manzano","year":"2019","journal-title":"Comput. Secur."},{"issue":"6","key":"10.1016\/j.cose.2026.105004_b25","doi-asserted-by":"crossref","first-page":"547","DOI":"10.1093\/jamia\/ocz005","article-title":"Evaluation of a mandatory phishing training program for high-risk employees at a US healthcare system","volume":"26","author":"Gordon","year":"2019","journal-title":"J. Am. Med. Informatics Assoc."},{"issue":"3","key":"10.1016\/j.cose.2026.105004_b26","doi-asserted-by":"crossref","first-page":"140","DOI":"10.1108\/09685221111153537","article-title":"The long-term effects of information security e-learning on organizational learning","volume":"19","author":"Hagen","year":"2011","journal-title":"Inf. Manage. Comput. Secur."},{"issue":"10","key":"10.1016\/j.cose.2026.105004_b27","doi-asserted-by":"crossref","DOI":"10.1109\/MC.2020.3001959","article-title":"Security awareness training for the workforce: moving beyond \u201ccheck-the-box\u201d compliance","volume":"53","author":"Haney","year":"2020","journal-title":"Computer"},{"key":"10.1016\/j.cose.2026.105004_b28","doi-asserted-by":"crossref","DOI":"10.1108\/JIC-05-2019-0112","article-title":"Improving employees\u2019 intellectual capacity for cybersecurity through evidence-based malware training","author":"He","year":"2019","journal-title":"J. Intellect. Cap."},{"issue":"4","key":"10.1016\/j.cose.2026.105004_b29","doi-asserted-by":"crossref","first-page":"249","DOI":"10.1080\/10919392.2019.1611528","article-title":"Enterprise cybersecurity training and awareness programs: Recommendations for success","volume":"29","author":"He","year":"2019","journal-title":"J. Org. Comput. Electron. Commer."},{"key":"10.1016\/j.cose.2026.105004_b30","series-title":"2022 IEEE Symposium on Security and Privacy","first-page":"842","article-title":"Phishing in organizations: Findings from a large-scale and long-term study","author":"Lain","year":"2022"},{"issue":"1","key":"10.1016\/j.cose.2026.105004_b31","doi-asserted-by":"crossref","first-page":"154","DOI":"10.1057\/s41284-020-00270-2","article-title":"Situational awareness and public Wi-Fi users\u2019 self-protective behaviors","volume":"35","author":"Maimon","year":"2022","journal-title":"Secur. J."},{"key":"10.1016\/j.cose.2026.105004_b32","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2023.103162","article-title":"Between a rock and a hard (ening) place: Cyber insurance in the ransomware era","volume":"128","author":"Mott","year":"2023","journal-title":"Comput. Secur."},{"key":"10.1016\/j.cose.2026.105004_b33","series-title":"Phishing attacks: Defending your organisation","author":"NCSC","year":"2024"},{"issue":"11s","key":"10.1016\/j.cose.2026.105004_b34","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3514229","article-title":"A survey on ransomware: Evolution, taxonomy, and defense solutions","volume":"54","author":"Oz","year":"2022","journal-title":"ACM Comput. Surv."},{"key":"10.1016\/j.cose.2026.105004_b35","first-page":"201","article-title":"Long lasting effects of awareness training methods on reducing overall cyber security risk","volume":"vol. 11018","author":"Pouraimis","year":"2019"},{"key":"10.1016\/j.cose.2026.105004_b36","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2023.103585","article-title":"A systematic review of current cybersecurity training methods","volume":"136","author":"Pr\u00fcmmer","year":"2024","journal-title":"Comput. Secur."},{"key":"10.1016\/j.cose.2026.105004_b37","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2024.104206","article-title":"Assessing the effect of cybersecurity training on end-users: a meta-analysis","volume":"150","author":"Pr\u00fcmmer","year":"2025","journal-title":"Comput. Secur."},{"key":"10.1016\/j.cose.2026.105004_b38","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2021.102281","article-title":"\u201cGet a red-hot poker and open up my eyes, it\u2019s so boring\u201d 1: Employee perceptions of cybersecurity training","volume":"106","author":"Reeves","year":"2021","journal-title":"Comput. Secur."},{"issue":"1","key":"10.1016\/j.cose.2026.105004_b39","doi-asserted-by":"crossref","DOI":"10.1177\/21582440211000049","article-title":"Encouraging employee engagement with cybersecurity: How to tackle cyber fatigue","volume":"11","author":"Reeves","year":"2021","journal-title":"SAGE Open"},{"key":"10.1016\/j.cose.2026.105004_b40","doi-asserted-by":"crossref","unstructured":"Renaud, Karen, Searle, Rosalind, Dupuis, Marc, 2021. Shame in cyber security: effective behavior modification tool or counterproductive foil?. In: Proceedings of the 2021 New Security Paradigms Workshop. pp. 70\u201387.","DOI":"10.1145\/3498891.3498896"},{"issue":"4","key":"10.1016\/j.cose.2026.105004_b41","doi-asserted-by":"crossref","first-page":"89","DOI":"10.3390\/fi11040089","article-title":"Social engineering attacks: A survey","volume":"11","author":"Salahdine","year":"2019","journal-title":"Futur. Internet"},{"key":"10.1016\/j.cose.2026.105004_b42","doi-asserted-by":"crossref","first-page":"359","DOI":"10.1016\/j.comcom.2023.07.011","article-title":"Blind-trust: Raising awareness of the dangers of using unsecured public Wi-Fi networks","volume":"209","author":"Sangeen","year":"2023","journal-title":"Comput. Commun."},{"issue":"3","key":"10.1016\/j.cose.2026.105004_b43","doi-asserted-by":"crossref","first-page":"122","DOI":"10.1023\/A:1011902718709","article-title":"Transforming the \u2018weakest link\u2019\u2014a human\/computer interaction approach to usable and effective security","volume":"19","author":"Sasse","year":"2001","journal-title":"BT Technol. J."},{"issue":"8","key":"10.1016\/j.cose.2026.105004_b44","doi-asserted-by":"crossref","first-page":"1279","DOI":"10.1080\/09585190210149529","article-title":"\u2019More is not necessarily better\u2019: the relationship between the quantity and quality of training efforts","volume":"13","author":"Sels","year":"2002","journal-title":"Int. J. Hum. Resour. Manag."},{"key":"10.1016\/j.cose.2026.105004_b45","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2022.102756","article-title":"Cybersecurity education, awareness raising, and training initiatives: National level evidence-based results, challenges, and promise","volume":"119","author":"Shillair","year":"2022","journal-title":"Comput. Secur."},{"key":"10.1016\/j.cose.2026.105004_b46","doi-asserted-by":"crossref","first-page":"178","DOI":"10.1016\/j.future.2018.09.063","article-title":"Government regulations in cyber security: Framework, standards and recommendations","volume":"92","author":"Srinivas","year":"2019","journal-title":"Future Gener. Comput. Syst."},{"issue":"9","key":"10.1016\/j.cose.2026.105004_b47","doi-asserted-by":"crossref","first-page":"593","DOI":"10.1089\/cyber.2020.0526","article-title":"Successful gamification of cybersecurity training","volume":"24","author":"van Steen","year":"2021","journal-title":"Cyberpsychology Behav. Soc. Netw."},{"key":"10.1016\/j.cose.2026.105004_b48","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2024.104110","article-title":"Towards a cybersecurity culture-behaviour framework: A rapid evidence review","volume":"148","author":"Sutton","year":"2025","journal-title":"Comput. Secur."},{"key":"10.1016\/j.cose.2026.105004_b49","doi-asserted-by":"crossref","first-page":"494","DOI":"10.30574\/ijsra.2025.16.2.2348","article-title":"From awareness to action: Designing effective cybersecurity training programs","volume":"16","author":"Ussher-Eke","year":"2023","journal-title":"Int. J. Sci. Res. Arch."},{"issue":"1","key":"10.1016\/j.cose.2026.105004_b50","doi-asserted-by":"crossref","first-page":"tyaa019","DOI":"10.1093\/cybsec\/tyaa019","article-title":"What (if any) behaviour change techniques do government-led cybersecurity awareness campaigns use?","volume":"6","author":"Van Steen","year":"2020","journal-title":"J. Cybersecur."},{"key":"10.1016\/j.cose.2026.105004_b51","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.ijhcs.2018.06.004","article-title":"Exploring susceptibility to phishing in the workplace","volume":"120","author":"Williams","year":"2018","journal-title":"Int. J. Hum.-Comput. Stud."},{"issue":"19","key":"10.1016\/j.cose.2026.105004_b52","doi-asserted-by":"crossref","first-page":"9266","DOI":"10.3390\/app11199266","article-title":"Assessing the effects of gamification on enhancing information security awareness knowledge","volume":"11","author":"Wu","year":"2021","journal-title":"Appl. Sci."}],"container-title":["Computers &amp; Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S016740482600180X?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S016740482600180X?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,7,13]],"date-time":"2026-07-13T17:14:27Z","timestamp":1783962867000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S016740482600180X"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,11]]},"references-count":52,"alternative-id":["S016740482600180X"],"URL":"https:\/\/doi.org\/10.1016\/j.cose.2026.105004","relation":{},"ISSN":["0167-4048"],"issn-type":[{"value":"0167-4048","type":"print"}],"subject":[],"published":{"date-parts":[[2026,11]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Impact of employee cybersecurity training on knowledge of best practice for secure passwords and use of public Wi-Fi","name":"articletitle","label":"Article Title"},{"value":"Computers & Security","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.cose.2026.105004","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 The Authors. Published by Elsevier Ltd.","name":"copyright","label":"Copyright"}],"article-number":"105004"}}