{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,20]],"date-time":"2026-04-20T13:37:07Z","timestamp":1776692227623,"version":"3.51.2"},"reference-count":34,"publisher":"Emerald","issue":"5","license":[{"start":{"date-parts":[[2021,6,21]],"date-time":"2021-06-21T00:00:00Z","timestamp":1624233600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2021,11,12]]},"abstract":"<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title>\n<jats:p>As insiders remain to be a main reason behind security breaches, effective information security awareness campaigns become critical in protecting organizations from security incidents. The purpose of this paper is to identify factors that influence organizational adoption and acceptance of computer-based security awareness training tools.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title>\n<jats:p>The paper uses content analysis of online reviews of the top ten computer-based security awareness training tools that received Gartner peer insights Customers\u2019 Choice 2019 award.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Findings<\/jats:title>\n<jats:p>This study identifies nine critical adoption and success factors. These are synthesized into a conceptual framework based on the technology\u2013organization\u2013environment framework. The findings reveal that technological, organizational and environmental factors come into play in adoption decisions but with varying degrees of importance.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Practical implications<\/jats:title>\n<jats:p>This study highlights key factors that technology vendors should take into consideration when designing computer-based security awareness training tools to increase adoption rates.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title>\n<jats:p>This research offers a novel contribution to the literature on information security awareness delivery methods by identifying key factors that influence organizational adoption and acceptance of computer-based security awareness training tools. Those factors were identified using content analysis of online reviews, which is a new methodological approach to the information security awareness literature.<\/jats:p>\n<\/jats:sec>","DOI":"10.1108\/ics-12-2020-0200","type":"journal-article","created":{"date-parts":[[2021,6,18]],"date-time":"2021-06-18T04:46:33Z","timestamp":1623991593000},"page":"836-849","source":"Crossref","is-referenced-by-count":14,"title":["Factors affecting organizational adoption and acceptance of computer-based security awareness training tools"],"prefix":"10.1108","volume":"29","author":[{"given":"Laila","family":"Dahabiyeh","sequence":"first","affiliation":[]}],"member":"140","published-online":{"date-parts":[[2021,6,21]]},"reference":[{"issue":"3","key":"key2021111012415696100_ref001","doi-asserted-by":"crossref","first-page":"237","DOI":"10.1080\/0144929X.2012.708787","article-title":"User preference of cyber security awareness delivery methods","volume":"33","year":"2014","journal-title":"Behaviour and Information Technology"},{"issue":"1","key":"key2021111012415696100_ref002","doi-asserted-by":"crossref","first-page":"5","DOI":"10.22215\/timreview\/861","article-title":"Cybersecurity skills training: an attacker-centric gamified approach","volume":"5","year":"2015","journal-title":"Technology Innovation Management Review"},{"issue":"67","key":"key2021111012415696100_ref003","first-page":"161","article-title":"Hospital information system adoption: expert perspectives on an adoption framework for Malaysian public hospitals","volume":"67","year":"2017","journal-title":"Computers in Human Behavior"},{"issue":"3","key":"key2021111012415696100_ref004","doi-asserted-by":"crossref","first-page":"73","DOI":"10.3390\/fi11030073","article-title":"Reviewing cyber security social engineering training and awareness programs \u2013 pitfalls and ongoing issues","volume":"11","year":"2019","journal-title":"Future Internet"},{"key":"key2021111012415696100_ref005","first-page":"231","article-title":"The technology \u2013 organization \u2013 environment framework","volume-title":"Information Systems Theory","year":"2012"},{"key":"key2021111012415696100_ref006","doi-asserted-by":"crossref","first-page":"145","DOI":"10.1016\/j.cose.2017.04.009","article-title":"Prevention is better than cure! Designing information security awareness programs to overcome users' non-compliance with information security policies in banks","volume":"68","year":"2017","journal-title":"Computers and Security"},{"issue":"3","key":"key2021111012415696100_ref007","doi-asserted-by":"crossref","first-page":"119","DOI":"10.2308\/isys-51341","article-title":"Applying basic gamification techniques to it compliance training: evidence from the lab and field","volume":"30","year":"2016","journal-title":"Journal of Information Systems"},{"issue":"3","key":"key2021111012415696100_ref008","doi-asserted-by":"crossref","first-page":"523","DOI":"10.2307\/25750690","article-title":"Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness","volume":"34","year":"2010","journal-title":"MIS Quarterly"},{"issue":"17","key":"key2021111012415696100_ref009","doi-asserted-by":"crossref","first-page":"5142","DOI":"10.1080\/00207543.2015.1066519","article-title":"Predicting consumer product demands via big data: the roles of online promotional marketing and online reviews","volume":"55","year":"2017","journal-title":"International Journal of Production Research"},{"key":"key2021111012415696100_ref010","unstructured":"CNN (2005), \u201cA convicted hacker debunks some myths\u201d, available at: https:\/\/edition.cnn.com\/2005\/TECH\/internet\/10\/07\/kevin.mitnick.cnna\/ (accessed 21 May 2020)."},{"issue":"1","key":"key2021111012415696100_ref011","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1016\/j.cose.2006.10.005","article-title":"A video game for cyber security training and awareness","volume":"26","year":"2007","journal-title":"Computers and Security"},{"issue":"109","key":"key2021111012415696100_ref012","first-page":"1","article-title":"Understanding crm adoption stages: empirical analysis building on the toe framework","volume":"109","year":"2019","journal-title":"Computers in Industry"},{"issue":"52","key":"key2021111012415696100_ref013","first-page":"498","article-title":"Analysis of the perceived value of online tourism reviews: influence of readability and reviewer characteristics","volume":"52","year":"2016","journal-title":"Tourism Management"},{"key":"key2021111012415696100_ref014","first-page":"287","article-title":"Improving security awareness through computer-based training","volume-title":"IFIP World Conference on Information Security Education","year":"2003"},{"issue":"2","key":"key2021111012415696100_ref015","doi-asserted-by":"crossref","first-page":"142","DOI":"10.1177\/1938965520902012","article-title":"Customer motivation and response bias in online reviews","volume":"61","year":"2020","journal-title":"Cornell Hospitality Quarterly"},{"issue":"95","key":"key2021111012415696100_ref016","first-page":"101827","article-title":"Riskio: a serious game for cyber security awareness and education","volume":"95","year":"2020","journal-title":"Computers and Security"},{"issue":"2","key":"key2021111012415696100_ref017","doi-asserted-by":"crossref","first-page":"449","DOI":"10.25300\/MISQ\/2017\/41.2.06","article-title":"On self-selection biases in online product reviews","volume":"41","year":"2017","journal-title":"Mis Quarterly"},{"issue":"67","key":"key2021111012415696100_ref018","first-page":"95","article-title":"Enterprise 2.0 post-adoption: extending the information system continuance model based on the technology-organization-environment framework","volume":"67","year":"2017","journal-title":"Computers in Human Behavior"},{"issue":"26","key":"key2021111012415696100_ref019","first-page":"10862","article-title":"Effectiveness of information security awareness methods based on psychological theories","volume":"5","year":"2011","journal-title":"African Journal of Business Management"},{"issue":"1","key":"key2021111012415696100_ref020","first-page":"215","article-title":"Measuring the effectiveness of information security training: a comparative analysis of computer-based training and instructor-based training","volume":"13","year":"2012","journal-title":"Issues in Information Systems"},{"key":"key2021111012415696100_ref021","first-page":"1","article-title":"Lessons from a real world evaluation of anti-Phishing training","year":"2008","journal-title":"eCrime Researchers Summit: IEEE"},{"key":"key2021111012415696100_ref022","first-page":"905","article-title":"Protecting people from phishing: the design and evaluation of an embedded training email system","year":"2007"},{"issue":"86","key":"key2021111012415696100_ref023","first-page":"80","article-title":"Understanding the determinants of electronic supply chain management system adoption: using the technology \u2013 organization \u2013 environment framework","volume":"86","year":"2014","journal-title":"Technological Forecasting and Social Change"},{"key":"key2021111012415696100_ref024","volume-title":"Qualitative Data Analysis: A Methods Sourcebook","year":"2014","edition":"3rd ed"},{"key":"key2021111012415696100_ref025","article-title":"Global threat intelligence report","author":"NTT Security","year":"2019"},{"issue":"1","key":"key2021111012415696100_ref026","first-page":"110","article-title":"Literature review of information technology adoption models at firm level","volume":"14","year":"2011","journal-title":"Electronic Journal of Information Systems Evaluation"},{"key":"key2021111012415696100_ref027","article-title":"Human factor report","author":"Proofpoint","year":"2019"},{"issue":"160","key":"key2021111012415696100_ref028","first-page":"189","article-title":"Smart contracts and internet of things: a qualitative content analysis using the technology-organization-environment framework to identify key-determinants","volume":"160","year":"2019","journal-title":"Procedia Computer Science"},{"key":"key2021111012415696100_ref029","first-page":"135","article-title":"teaching phishing-security: which way is best?","volume-title":"IFIP International Conference on ICT Systems Security and Privacy Protection","year":"2016"},{"key":"key2021111012415696100_ref030","volume-title":"Processes of Technological Innovation","year":"1990"},{"issue":"6","key":"key2021111012415696100_ref031","doi-asserted-by":"crossref","first-page":"e02010","DOI":"10.1016\/j.heliyon.2019.e02010","article-title":"Effectiveness of and user preferences for security awareness training methodologies","volume":"5","year":"2019","journal-title":"Heliyon"},{"issue":"4","key":"key2021111012415696100_ref032","doi-asserted-by":"crossref","first-page":"450","DOI":"10.1016\/j.im.2017.10.005","article-title":"Extending the model of internet standards adoption: a cross-country comparison of Ipv6 adoption","volume":"55","year":"2018","journal-title":"Information and Management"},{"issue":"53","key":"key2021111012415696100_ref033","first-page":"163","article-title":"Factors affecting hotels' adoption of mobile reservation systems: a technology-organization-environment framework","volume":"53","year":"2016","journal-title":"Tourism Management"},{"issue":"1","key":"key2021111012415696100_ref034","doi-asserted-by":"crossref","first-page":"202","DOI":"10.1080\/07421222.2016.1172460","article-title":"Do professional reviews affect online user choices through user reviews? An empirical study","volume":"33","year":"2016","journal-title":"Journal of Management Information Systems"}],"container-title":["Information &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-12-2020-0200\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-12-2020-0200\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:23:27Z","timestamp":1753406607000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/29\/5\/836-849\/105814"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,6,21]]},"references-count":34,"journal-issue":{"issue":"5","published-online":{"date-parts":[[2021,6,21]]},"published-print":{"date-parts":[[2021,11,12]]}},"alternative-id":["10.1108\/ICS-12-2020-0200"],"URL":"https:\/\/doi.org\/10.1108\/ics-12-2020-0200","relation":{},"ISSN":["2056-4961","2056-4961"],"issn-type":[{"value":"2056-4961","type":"print"},{"value":"2056-4961","type":"print"}],"subject":[],"published":{"date-parts":[[2021,6,21]]}}}