Provide the citation and attach a pdf of the article
Anwar, M., He, W., Ash, I., Yuan, X., Li, L., & Xu, L. (2017). Gender Difference and Employees’ Cybersecurity Behaviors. Computers in Human Behavior. http://manuscript.elsevier.com/S0747563216308688/pdf/S0747563216308688.pdf
What is the abstract of the article?
Security breaches are prevalent in organizations and many of the breaches are attributed to human errors. As a result, the organizations need to increase their employees’ security awareness and their capabilities to engage in safe cybersecurity behaviors. Many different psychological and social factors affect employees’ cybersecurity behaviors. An important research question to explore is to what extent gender plays a role in mediating the factors that affect cybersecurity beliefs and behaviors of employees. In this vein, we conducted a cross-sectional survey study among employees of diverse organizations. We used structural equation modelling to assess the effect of gender as a moderator variable in the relations between psychosocial factors and self-reported cybersecurity behaviors. Our results show that gender has some effect in security self-efficacy (r=-.435, p< .001), prior experience (r=-.235, p< .001) and computer skills (r=-.198, p< .001) and little effect in cues-to-action (r=-.152, p< .001) and self-reported cybersecurity behaviors (r=-.152, p< .001).
Was the study experimental or non-experimental? Explain, tell us what made that clear.
The study was non-experimental. This is made clear in the theory section and in the methodology section where they list the method of carrying out the research, which is via survey and does not involve applying any treatment or instruction before or after.
Was the research qualitative or quantitative? Again, explain.
The research is quantitative, because it is a set of data numerical data obtained via targeted online polling and from which conclusions can be inferred as opposed to a qualitative method of data gathering like interviews.
What was the population studied?
The population studied was employees of various organizations, specifically businesses and universities. This information is listed in the methodology subsection on participants and settings.
What sample was used for this study?
The sample studied consisted of 481 employees of businesses and universities which was chi-square tested to avoid any deviation in the amount of men and women in each age group (Anwar et al., 2017). It is listed in the methodology section under participants and setting, also mentioned is the fact that the study was approved by the investigators’ institution’s Internal Review Board.
What was the method of measurement?
The method of measurement was a survey sent to the participants designed to collect information about their cybersecurity behavior. A 7-point Likert scale with 87 questions was used to measure 12 different categories of behavior from the participants. As per Anwar et al. (2017) those categories were, Computer Skills, Internet Skills, Prior Experience, Perceived Vulnerabilities, Perceived Severity, Perceived Benefits, Perceived Barriers, Response Efficacy, Cued to Action, Security Self-efficacy, Peer Behavior, and Self-reported Cybersecurity Behavior.
If the research was quantitative, was the measurement scale used, Nominal, Ordinal, Interval, or Ratio?
The measurement scale used was a 7-point Likert scale, from strongly disagree at 1 to strongly agree at 7 (Anwar et al., 2017). The fact they used a scale with no definite distance between the options on it means it is an ordinal scale.
What was the method of analysis?
The researchers used means of the scores, from 1 to 7, separated for male and female participants to analyze and compare the data for each gender.
If the research was quantitative, what statistical tools were used to analyze the data?
The researchers used a software package made by IBM called SPSS and the tools it contains to analyze the data.
What was the conclusion of the study?
The conclusion of the study was that there are significant differences in the cybersecurity behaviors between men and women in several of the studied areas, specifically and most notably is the lower scores for women in self-efficacy.
Why is this study useful to you? Explain in detail.
In cybersecurity it is important to know what the end user thinks, not only of your cybersecurity measures but also of themselves. If I were put in charge of establishing protocols for a company it would be useful to understand where gender differences in training would be helpful to optimize what my end users got out of any training I designed. It might also be a good idea for me to focus a little on the areas where my end users think they do well or poorly, which is something I could also design with gender differences in mind.
What would be the next logical step in extending this study?
The next step in my mind is to do an experimental study on how a similar sample of people would react to training in the areas mentioned as different in behavior and perception. The study could aim to see if that difference could be improved upon.
I think there is something that can be clarified in the analysis portion. It would be a good idea to discuss more on the chi-square test that helped in the analysis portion along with the point-biserial that was used to analyze the questions. You did mention the chi-square test in the sample area, but I believe it would be best placed in the analysis portion. The reason being is they took the initial sample and analyzed it using that test to determine if there was a significant difference between the men and women that took part in the study. If there was a significant difference then this could be a problem as it could potentially decrease the validity of the study, depending on how significant it was.
I think further discussion of the point-biserial would be a good thing to look into. The reason being is due to the results shown on the test items in the study. Some of these values are low while a few are in the higher ranges. A test question would be considered good if it was 0.15 or more. Items usually below 0.10 are to be further examined. The perceived barriers item had the highest value of the other items in the chart. It makes me think that the wording of some of the questions could have had an impact on the result of the study. It could also be the sample size that impacted the results as well, so I believe this study could have done better with a larger sample size.
Overall, It was interesting to find that in the study that women scored lower in self-efficacy. I also found it interesting that gender was considered an important factor in terms of cybersecurity behaviors and beliefs.
I liked this article Isaac. It was very interesting to see how men and women differ in their behaviors when it comes to cybersecurity. I am always interested in how people interact with computers because it helps me understand how systems should be updated to serve the needs of users as needs vary. In particular, I felt like your review was helpful especially when it came to explaining the measures used by the research team. Sometimes quantitative research can be hard to interpret, but, from what I understand from your review, the use of surveys and the Likert scale was enough for the research team to gather what they needed to understand how the use of cybersecurity differed by gender. The conclusion in your review could be elaborated on a bit more. You mentioned the differences between men and women, highlighting the low scores for women in self-efficacy, however I don’t see any follow up. What steps is the research team taking to increase these scores for women? Were there any areas of the study where men lacked in efficacy? I would have appreciated an understanding of how this study would benefit cybersecurity measures in the future.
It is interesting to see a study that considers behaviors related to cybersecurity based on gender differences. The study I picked regarding a survey of technology and skill also used a Likert-Scale to gain results and accompanying insight. With the results showing that gender has some effect in security self-efficacy, prior experience, and computer skills, I suppose there could be some insightful evidence regarding gender and cybersecurity, but I am not entirely convinced.
I think having this study repeated would possibly bring interesting results for comparison and thus create a clearer insight to differences (if any) of gender regarding cybersecurity. I would also think that adding some substantial level of qualitative research would help strengthen this study. Maybe interviews could be set up and have questions for both male and female individuals or groups. I do think the experimental study you mentioned would also bring results that could tie into this topic and help provide clarity on differences of gender and improvements.