Utilising Manager’s Competency, Employee’s Awareness and Motivation for Promoting Cybersecurity Protective Behaviour

Abstract

Technological developments have seen a rapid evolution in the last decade. The complexity and cyber-attacks increase within the advancement of technology and artificial intelligence, this creates pressures for corporations to adopt the necessary methods to ensure they function in a safe environment. This study attempts to assess the role of managers’ informational security intelligence (MISI) along with procedural information security countermeasure awareness (PCM) and cybersecurity protection motivation in promoting cybersecurity protective behaviour among employees in the public sector within the context of UAE. The study employs quantitative cross-sectional design with primary data collected from 520 employees in nine listed organisations in the public sector of Abu Dhabi, UAE. The data is analysed using Partial Least Square Structural Equation Modelling (PLS-SEM). The findings indicated that perceived threat susceptibility, self-efficacy, information security problem-solving, and social competence significantly affect cybersecurity protective behaviour. Additionally, MISI positively influences PCM, which in turn affects cybersecurity protection motivation. Finally, attitude moderates the relationship between self-efficacy and cybersecurity protective behaviour. The study extended the protection motivation theory by investigating the capabilities and competences of managers related to information security in addition to adding the attitude as a moderating variable. The findings offer valuable insights for policy makers in the aspect of ensuring the implementation of cyber security national strategies; for managers in organisations in the aspect of promoting awareness and capabilities among themselves and among their employees through educational and training programs to enhance their cybersecurity practices and mitigate risks.