Date of Conferral

8-26-2025

Degree

Doctor of Information Technology (D.I.T.)

School

Information Systems and Technology

Advisor

Ayegbeni Igonor

Abstract

Lack of cybersecurity awareness among employees and end-users poses significant risks to organizations. This issue is critical because inadequate cybersecurity awareness increases organizational vulnerabilities, leading to financial losses and compromised data security. Grounded in the routine activity theory, the purpose of this qualitative multiple case study was to explore strategies that IT security managers had implemented to enhance employee cybersecurity awareness. The participants were six IT security managers in Cameroon, West Africa, with strategies to implement employee cybersecurity awareness. Data were collected using semistructure interviews and a review of documents. Through thematic analysis, three themes were identified: (a) cybersecurity awareness culture and mindset, (b) providing persistent end-user and employee training, and (c) creating cybersecurity policies and procedures. A key recommendation is for IT security managers to stay informed about emerging security threats, adapt their cybersecurity awareness strategies accordingly, and promote an organizational culture where all employees share responsibility for cybersecurity. The implication for positive social change includes the potential for organizations to foster a cyber-resilience culture, reducing data breaches and enhancing economic stability for business and communities.

Download

Share

 
COinS