Keywords
How to Cite
Abstract
In order to effectively combat cybersercurity threats at home and in organizations, it is imperative to achieve higher end-user cybersecurity compliance. Cybersecurity training is generally accepted as a means to increase compliance behavior. Training can influence compliance by one or more of three causal pathways: by increasing cybersecurity awareness, by increasing cybersecurity proficiency (i.e., improve cybersecurity skills) and by raising cybersecurity self-efficacy. The effects of awareness and self-efficacy on compliance have been empirically examined and reported in literature, but the effect of cybersecurity skills has not received much attention. In an effort to understand the pathways through which training affects compliance, we develop a theoretical model and offer propositions. The model helps us understand how cybersecurity training should be designed and executed to optimally influence each of the three pathways to compliance and finally to have an optimal impact on compliance. Empirical validation will be performed at a later stage. Results of the study are expected to help design training programs to enhance end-user cybersecurity skills and consequently cybersecurity compliance.
Open Access License Notice:
This article is © its author(s) and is licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0). Beginning with Volume 13 (2026), this license is included directly within all published PDFs. For earlier articles, a cover page has been added to indicate the correct licensing terms. Any legacy copyright or pricing statements appearing within the PDF reflect prior print production workflows and do not represent the Journal’s current open access policy. For full details, please see the Journal’s License Terms.