Abstract:This study investigates demographic differences in cybersecurity culture in a large global organisation supporting safety critical and critical infrastructure sectors to target CSC improvement. A global survey was administered to all internal and external employees of a total of 21148 employees, with 6502 responses. The questionnaire evaluates nine CSC dimensions such as Password Management, Governance, Email Use. Anonymous survey responses were analysed using Kruskal-Wallis tests and Dunns post hoc comparisons to identify differences across demographic variables including employment, recruitment paths, managerial role, gender, age, tenure, and work base. CSC was broadly consistent across the organisation, with statistically significant but small to moderate demographic effects. CSC variations were observed across employment, age, recruitment paths, and line managerial role. In general, fulltime, internal, permanent, older employees, Merge and Acquisition recruits, and line managers consistently scored higher across multiple CSC dimensions. Parttime, younger, external employees, and those with 6 to 20 years of tenure in general scored lower. These patterns highlight higher-scoring groups that may act as CSC carriers and lower-scoring groups that may benefit from tailored improvement measures, enabling organisational learning. Our study offers a practical, scalable way to assess CSC, generating meaningful insights despite industrial constraints. It enables organisations to benchmark maturity, identify gaps, and prioritise targeted improvements using workforce diversity as a guide.
From: Tita Alissa Bach [view email]
[v1]
Fri, 12 Jun 2026 13:53:39 UTC (519 KB)
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。