{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T20:49:31Z","timestamp":1772743771746,"version":"3.50.1"},"reference-count":9,"publisher":"Emerald","issue":"3","license":[{"start":{"date-parts":[[2016,7,11]],"date-time":"2016-07-11T00:00:00Z","timestamp":1468195200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2016,7,11]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title><jats:p>Through the use of effective training techniques and exercises, employees and users can be educated on how to make safe information security decisions. It is critical to the success of a total information security program that users are trained properly as they are a major layer of defense against malicious intent. The current methods of training people about information security are failing, and the number of user-related breaches increases every year.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title><jats:p>By researching and observing current methods and comparing other fields of study, this paper describes the best methodology for modifying user behavior as it pertains to information security.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Findings<\/jats:title><jats:p>Through effective training practices, user negligence can be mitigated and controlled, and the information security program can be better practiced throughout entire organizations.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title><jats:p>By using an effective training method to teach employees about information security, employees become an invaluable part of a company\u2019s overall information security strategy. By using this method, employees are no longer the weak link in information security.<\/jats:p><\/jats:sec>","DOI":"10.1108\/ics-10-2014-0065","type":"journal-article","created":{"date-parts":[[2016,7,6]],"date-time":"2016-07-06T07:28:41Z","timestamp":1467790121000},"page":"255-264","source":"Crossref","is-referenced-by-count":9,"title":["The pathway to security \u2013 mitigating user negligence"],"prefix":"10.1108","volume":"24","author":[{"given":"Sarah Elizabeth","family":"Kennedy","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"140","reference":[{"key":"key2020121411254274600_ref001","unstructured":"Corwin, J. (2011), \u201cDo scare tactics work?\u201d, available at: http:\/\/pact360.org\/blog\/detail\/do-scare-tactics-work (accessed 12 July 2013)."},{"key":"key2020121411254274600_ref002","unstructured":"Ferrara, J. and Wombat Security Technologies (2012), \u201cTen commandments for effective security training\u201d, available at: www.csoonline.com\/article\/2131688\/security-awareness\/ten-commandments-for-effective-security-training.html (accessed 12 July 2013)."},{"key":"key2020121411254274600_ref003","doi-asserted-by":"crossref","unstructured":"Goldberg, L., Bents, R., Bosworth, E., Trevisan, L. and Elliot, D.L. (1991), \u201cAnabolic steroid education and adolescents: do scare tactics work?\u201d, available at: http:\/\/pediatrics.aappublications.org\/content\/87\/3\/283.short (accessed 12 July 2013).","DOI":"10.1542\/peds.87.3.283"},{"key":"key2020121411254274600_ref004","unstructured":"Grant, A.M. (2011), \u201cPatients\u2019 health motivates workers to wash their hands\u201d, available at: www.psychologicalscience.org\/index.php\/news\/releases\/patients-health-motivates-workers-to-wash-their-hands.html (accessed 12 July 2013)."},{"key":"key2020121411254274600_ref005","unstructured":"Hamilton, R. (2013), \u201cMistakes are costing companies millions from avoidable data breaches\u201d, available at: www.symantec.com\/connect\/blogs\/mistakes-are-costing-companies-millions-avoidable-data-breaches (accessed 12 July 2013)."},{"key":"key2020121411254274600_ref007","unstructured":"Munson, L. (2013), \u201cInformation security training and awareness \u2013 paradigm shift required?\u201d, available at: www.security-faqs.com\/information-security-training-and-awareness-paradigm-shift-required.html (accessed 12 July 2013)."},{"key":"key2020121411254274600_ref008","doi-asserted-by":"crossref","unstructured":"Rubin, R. (2012), \u201cTraining in information security is vital, provided it\u2019s done right\u201d, available at: www.theguardian.com\/media-network\/media-network-blog\/2012\/dec\/21\/training-information-security-tips (accessed 12 July 2013).","DOI":"10.1016\/S1353-4858(13)70133-8"},{"key":"key2020121411254274600_ref009","unstructured":"Symantec (2013), \u201cSymantec study shows employees steal corporate data and don\u2019t believe it\u2019s wrong\u201d, available at: www.symantec.com\/about\/news\/release\/article.jsp?prid=20130206_01&om_ext_cid=biz_socmed_twitter_facebook_marketwire_linkedin_2013Jun_worldwide_CostofaDataBreach (accessed 12 July 2013)."},{"key":"key2020121411254274600_ref010","unstructured":"Johnson, M. and Labs, J. (2010), \u201cRisk management jeopardy\u201d, available at: https:\/\/jeopardylabs.com\/play\/risk-management-jeopardy4 (accessed 12 July 2013)."}],"container-title":["Information &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/ICS-10-2014-0065","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-10-2014-0065\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-10-2014-0065\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:23:13Z","timestamp":1753406593000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/24\/3\/255-264\/106492"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,7,11]]},"references-count":9,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2016,7,11]]}},"alternative-id":["10.1108\/ICS-10-2014-0065"],"URL":"https:\/\/doi.org\/10.1108\/ics-10-2014-0065","relation":{},"ISSN":["2056-4961"],"issn-type":[{"value":"2056-4961","type":"print"}],"subject":[],"published":{"date-parts":[[2016,7,11]]}}}