Exploring the Relationship Between Cybersecurity Culture and Cyber-Crime Prevention: A Systematic Review

Abstract

Cybercrime requires a multidimensional approach addressing technical, organisational, and human factors to prevent cyber-attacks. This systematic review highlights the significance of a strong cybersecurity culture in mitigating the risks of cyberattacks and enhancing an organisation's resilience. Implementing training and awareness programmes, establishing leadership support and accountability mechanisms, and fostering employee engagement are strategies for promoting a strong cybersecurity culture. However, fostering a robust culture of cybersecurity can be challenging and requires the participation of various stakeholders. Training and awareness programmes can significantly improve employee cybersecurity knowledge and behaviour, and leadership support is essential for establishing a cybersecurity culture. It is possible to enforce employee compliance with cybersecurity policies and procedures through accountability mechanisms, such as consequences for noncompliance and periodic security audits. Involving employees in the creation of cybersecurity policies and procedures, as well as recognising and rewarding responsible behaviour, can increase employee engagement and investment in cybersecurity. Although technical measures such as firewalls and encryption are essential for defending against cyber-attacks, a strong cybersecurity culture is necessary to mitigate cybercrime risks and enhance an organisation's resilience. Future research should identify and evaluate effective strategies for cultivating a robust cybersecurity culture in the context of preventing cybercrime. Cybersecurity should be a top priority for businesses and individuals, who must take preventative measures against cyber-attacks. By fostering a robust culture of cybersecurity, businesses can increase their resilience and reduce the risks of cybercrime.