Article Review: The Health Belief Model and Phishing Determinants of Preventative Security Behaviors

Marshall Shepherd

Old Dominion University

CYSE 201

11/09/2024

In this article, Du, Kalafut and Schymik focus on the facets of phishing-related behavior using the health belief model and targeting university groups such as students, faculty, and staff. Examining the psychological contributors to secure emailing behaviors can help academics create satisfactory training and compel measures to protect post-secondary institutions from the threats of phishing.

The study shares methodologies found within the social sciences as it explores people’s perceptions, cognitions, and behavioral reactions to cyber threats. The HBM framework borrowed from psychology analyses the effect of threats on preventative actions in the PSR trilogy, which is inclined toward social sciences concentrations on cognition, vulnerability, and behavioral responses about perceived threats affecting the populace (Du et al., 2024, p. 5).

The authors explore perceived vulnerability, self-efficacy, and cues to action in the context of email security practices. Key hypotheses identify perceived vulnerability and self-efficacy as predictors of preventative actions and perceived barriers as negative predictors. The general research question evaluates whether the HBM can explain email security behaviors in university environments (Du et al., 2024, p. 8).

Considering the data collection, the researchers used a survey and collected their data from faculty, staff, and students of a large Midwestern university. This survey involved eight constructs within the HBM framework and demographic attributes of the construction. Based on both Exploratory Factor Analysis (EFA) and multiple regression analysis, the relationships between the constructs and security behaviors were arguably well-tested in the research proposed by Du et al. (2024, p. 9).

A survey was conducted to collect self-reported information on email security practices, and the impact of perceived barriers, benefits, and past experience was determined on self-reported practices. The regression analysis showed that self-efficiency, perceived benefits from using secure email, and previous negative experiences influenced the use of secure email with exposure to phishing risks (Du et al.,2024, p. 10).

Course concepts that align with the article include the behavioral response to perceived threats and self-efficacy about health. The authors show this by applying HBM to cybersecurity, showing that HBM is a valuable theory that can be used in various behavioral theories in different domains.

Even though the article is not centered on socially disadvantaged individuals, the study’s concentration on self-efficacy and self-acknowledgement gives hints about disparities. Workers with lesser security training or lower self-belief may be in greater danger—hence the importance of learning offerings in a university setting.

It helps society expand its knowledge by providing clear recommendations for boosting university cybersecurity. Thus, the results obtained in the current study encourage more institutions to offer presented self-efficacy and experience-based training and awareness programs, which could, in turn, diminish the identified phishing susceptibility in educational contexts (Du et al., 2024, p. 15).

Lastly, Du, Kalafut, and Schymik’s study appropriately operationalized and tested the HBM for cybersecurity behaviors, thus providing informative and valuable propositions for education within the university environment. These results support training self-efficacy and awareness to withstand a phishing attack.

References

Du, J., Kalafut, A., & Schymik, G. (2024). The health belief model and phishing: determinants of preventative security behaviors. Journal of Cybersecurity, 10(1), tyae012. https://doi.org/10.1093/cybsec/tyae012