Abstract
Purpose This study aims to explore the impact of information security knowledge on information security compliance behavior using neuroscience science. Design/methodology/approach This study uses electroencephalography (EEG) equipment to collect brain cognitive data from participants under two specific conditions. The conditions are before and after information security knowledge interventions contextualized with the “Wannacry” ransomware incident. Findings Firstly, the information security knowledge interventions lead to differences in the participants’ behavioral data under the two conditions, with participants showing increased attention to security warnings after intervention. Secondly, the P300 waveform is observed in the decision-making process for information security compliance behavior both before and after intervention, suggesting that the cognitive processes of the brain are influenced by information security knowledge. Finally, the amplitude of the P300 waveform is larger after intervention compared to before, and the energy in the β frequency band induced by decision-making for information security compliance behavior is higher before intervention than after. Originality/value Few studies have focused on the corresponding research regarding how to enhance information security compliance behavior. This study confirms that information security knowledge can significantly improve information security compliance behavior encouraging users to proactively implement security measures to counter information security threats. The findings reveal the impact of EEG on the cognitive processes involved in decision-making for information security compliance behavior and offer a novel approach for improving information security behavior through information security knowledge interventions.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call