Cybersecurity Awareness through Training: A Systematic Literature Review Based on the KAB Model
Keywords:
Cybersecurity awareness, Knowledge-Attitude Behavior model, behavioral training, user engagement, systematic literature review, human factors, social engineeringAbstract
Cybersecurity awareness plays a critical role in protecting information systems against increasing threats and human error. This study presents a Systematic Literature Review (SLR) focusing on training strategies that enhance awareness based on the Knowledge-Attitude-Behavior (KAB) model. Ten academic articles published between 2020 and 2024 were analyzed to identify effective methods for improving user behavior in cybersecurity. The results highlight the importance of modular training, human-technology integration, and the organizational culture in raising awareness levels. Studies also emphasize the role of awareness in combating social engineering and promoting security-compliant behavior.
References
A. Oruc, N. Chowdhury, and V. Gkioulos, “A modular cyber security training programme for the maritime domain,” *International Journal of Information Security*, 2024. [Online]. Available: https://doi.org/10.1007/s10207-024-00721-0
B. Alkhazi, M. Alshaikh, S. Alkhezi, and H. Labbaci, “Assessment of the impact of information security awareness training methods on knowledge, attitude, and behavior,” *IEEE Access*, vol. 10, pp. 14355–14367, 2022. [Online]. Available: https://doi.org/10.1109/ACCESS.2022.3147363
M. E. Erendor and M. Yildirim, “Cybersecurity awareness in online education: A case study analysis,” *IEEE Access*, vol. 10, pp. 90110-90123, 2022. [Online]. https://doi.org/10.1109/ACCESS.2022.3204843
A.-T. Delso-Vicente and L. Diaz-Marcos, “Factors influencing employee compliance with information security policies: A systematic literature review of behavioral and technological aspects in cybersecurity,” *Future Business Journal*, vol. 11, no. 1, pp. 1–16, 2025. [Online]. Available: https://doi.org/10.1186/s43093-024-00229-2
A. Kovacevic, N. Putnik, and O. Toskovic, “Factors related to cyber security behavior,” *IEEE Access*, vol. 8, pp. 101076-101084,
2020. [Online]. https://doi.org/10.1109/ACCESS.2020.2999390
A. Pollini, M. Taisch, R. Lambiase, F. Bacchetti, and D. A. Romero, “Leveraging human factors in cybersecurity: An integrated methodological approach,” *Cognition, Technology & Work*, vol. 24, no. 3, pp. 543–558, 2022. [Online]. Available: https://doi.org/10.1007/s10111-021-00689-5
S. Akter, M. R. Uddin, S. Sajib, W. J. T. Lee, K. Michael, and M. A. Hossain, “Reconceptualizing cybersecurity awareness capability in the data-driven digital economy,” *Annals of Operations Research*, vol. 320, no. 2, pp. 801–829, 2022. [Online]. Available: https://doi.org/10.1007/s10479-02104201-3
Helmiawan, M. A., Fadil, I., Sofiyan, Y., & Firmansyah, E. (2021). Security model using intrusion detection system on cloud computing security management. 2021 9th International Conference on Cyber and IT Service Management
Helmiawan, M. A., & Nasution, A. I. (2022). The Effect of Internet Banking Use and Customer Protection Against Cyber Crime at Bank Rakyat Indonesia. Journal of Islamic Economics and Business, 2(2), 170–183.
Helmiawan, M. A., Firmansyah, E., Fadil, I., Sofivan, Y., Mahardika, F., & Guntara, A. (2020). Analysis of web security using open web application security project 10. 2020 8th International Conference on Cyber and IT Service Management
Helmiawan, M. A., Julian, E., Cahyan, Y., & Saeppani, A. (2021). Experimental evaluation of security monitoring and notification on network intrusion detection system for server security. 2021 9th International Conference on Cyber and IT Service Management
R. A. Maalem Lahcen, B. Caulkins, R. Mohapatra, and M. Kumar, “Review and insight on the behavioral aspects of cybersecurity, *Cybersecurity*, vol. 3, no. 1, pp. 1–14, 2020. [Online]. Available: 00051-4 https://doi.org/10.1186/s42400-020
T. Espinha Gasiba, U. Lechner, and M. Pinto-Albuquerque, “Sifu – A cybersecurity awareness platform with challenge assessment and intelligent coach,” *Cybersecurity*, vol. 3, no.1, pp. 1–17, 2020. [Online]. Available: https://doi.org/10.1186/s42400-019-0033-2
Z. Wang, H. Zhu, and L. Sun, “Social engineering in cybersecurity: Effect mechanisms, human vulnerabilities and attack methods,” *IEEE Access*, vol. 9, pp. 117754–117775, 2021. [Online]. https://doi.org/10.1109/ACCESS.2021.3104531