A structured review of insider cybersecurity behaviour studies

ABSTRACT Studying insider cybersecurity behavior is essential for understanding the human factors that contribute to security incidents and for developing holistic, adaptive security strategies. This review consolidates existing literature by examining the theoretical frameworks and behavioral distinctions commonly used to explain insider cybersecurity behavior. It draws on a systematic literature review of 123 articles and proposes a representative model that synthesizes key theoretical approaches. The analysis reveals a strong emphasis on deliberate behaviors, with only 15% of the literature addressing automatic behaviors. It also highlights how theories are applied across both desirable and undesirable behaviors, revealing inconsistencies and overlaps in their treatments. In addition to mapping current insights, the review identifies key gaps and future research directions. These include methodological improvements, greater attention to automatic behaviors, and more precise behavioral definitions to enable clearer distinctions. Overall, this review offers valuable insights for researchers and practitioners aiming to better understand and manage insider cybersecurity behavior.

• Publication year

  2025

• Venue

  Information Security Journal

• Publication date

  2025-09-04

• Fields of study

  Computer Science

• Identifiers
  DOI 10.1080/19393555.2025.2543458
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• Beyond the direct impact of sanctions and subjective norms in cybersecurity

  2025cited by this paper
• The Nexus Between Sanctions and Neutralization in Information Security

  2025influential reference
• An exploration of dark and light triad personality traits towards situational crime prevention and compliant information security behaviour

  2024cited by this paper
• A typology of cybersecurity behavior among knowledge workers

  2024cited by this paper
• The Impact of Security Incidents on Employee Behaviour

  2024cited by this paper
• The antecedents of employees' proactive information security behaviour: The perspective of proactive motivation

  2023cited by this paper
• BYOA and Security: Examining Perspective-Taking and Self-Determination

  2023cited by this paper
• Two-factor authentication time: How time-efficiency and time-satisfaction are associated with perceived security and satisfaction

  2023cited by this paper
• Enforcing Information System Security: Policies and Procedures for Employee Compliance

  2023cited by this paper
• The influence of organizational values on employee attitude and information security behavior: the mediating role of psychological capital

  2023cited by this paper
• Digital Workplaces and Information Security Behavior of Business Employees: An Empirical Study of Saudi Arabia

  2023cited by this paper
• Nudge to Promote Employees' Information Security Compliance Behavior: A Field Study

  2023cited by this paper
• What We Do in the Shadows: How does Experiencing Cybercrime Affect Response Actions & Protective Practices?

  2023cited by this paper
• Security is Local: The Influence of the Immediate Workgroup on Information Security

  2023cited by this paper
• Understanding employees' responses to information security management practices: a person-environment fit perspective

  2023cited by this paper
• Resistance to information security due to users' information safety behaviors: Empirical research on the emerging markets

  2023cited by this paper
• Bad Employees: Examining Deviant Security Behaviors

  2023cited by this paper
• Working conditions and cybersecurity: Time pressure, autonomy and threat appraisal shaping employees’ security behavior

  2023cited by this paper
• A systematic literature review of how cybersecurity-related behavior has been assessed

  2023cited by this paper
• What influences employees to follow security policies?

  2022cited by this paper
• Determinants of Information Security Awareness and Behaviour Strategies in Public Sector Organizations among Employees

  2022cited by this paper
• Understanding employees' information security-related stress and policy compliance intention: the roles of information security fatigue and psychological capital

  2022cited by this paper
• The Valued Coexistence of Protection Motivation and Stewardship in Information Security Behaviors

  2022cited by this paper
• IS professionals' information security behaviors in Chinese IT organizations for information security protection

  2022cited by this paper
• Email and Website-Based Phishing Attack: Examining Online Users Security Behavior in Cyberspace Environment

  2022cited by this paper
• Seeking rhetorical validity in fear appeal research: An application of rhetorical theory

  2022cited by this paper
• The effects of antecedents and mediating factors on cybersecurity protection behavior

  2021cited by this paper
• Herd behavior in information security decision-making

  2021influential reference
• Autonomous Motivation and Information Security Policy Compliance: Role of Job Satisfaction, Responsibility, and Deterrence

  2021cited by this paper
• Redefining threat appraisals of organizational insiders and exploring the moderating role of fear in cyberattack protection motivation

  2021cited by this paper
• Enhancing users’ security engagement through cultivating commitment: the role of psychological needs fulfilment

  2021cited by this paper
• Understanding Information Security Policy Violation from a Situational Action Perspective

  2021influential reference
• Deterrence and leadership factors: Which are important for information security policy compliance in the hotel industry

  2021cited by this paper
• Preventing insider threats to enhance organizational security: The role of opportunity-reducing techniques

  2021cited by this paper
• Exploring stewardship: A precursor to voluntary security behaviors

  2021cited by this paper
• Understanding the inward emotion-focused coping strategies of individual users in response to mobile malware threats

  2021cited by this paper
• Reactions to Abusive Supervision: Neutralization and IS Misuse

  2021cited by this paper
• Enhancing End-User Roles in Information Security: Exploring the Setting, Situation, and Identity

  2021cited by this paper
• A primer on insider threats in cybersecurity

  2021cited by this paper
• The Influence of Professional Subculture on Information Security Policy Violations: A Field Study in a Healthcare Context

  2020influential reference
• The role of deterrability for the effect of multi-level sanctions on information security policy compliance: Results of a multigroup analysis

  2020influential reference
• Employees' behavioural intention to smartphone security: A gender-based, cross-national study

  2020cited by this paper
• Why Employees (Still) Click on Phishing Links: Investigation in Hospitals

  2020cited by this paper
• EFFECTS OF SANCTION ON THE MENTALITY OF INFORMATION SECURITY POLICY COMPLIANCE

  2020influential reference
• Security behaviour of mobile financial service users

  2020cited by this paper
• The influence of hardiness and habit on security behaviour intention

  2020cited by this paper
• A Unified Classification Model of Insider Threats to Information Security

  2020cited by this paper
• A Replication Study of User Motivation in Protecting Information Security using Protection Motivation Theory and Self-Determination Theory

  2020cited by this paper
• Effects of sanctions, moral beliefs, and neutralization on information security policy violations across cultures

  2020cited by this paper
• Exploring role of moral disengagement and counterproductive work behaviours in information security awareness

  2020cited by this paper
• Organizational Information Security Management for Sustainable Information Systems: An Unethical Employee Information Security Behavior Perspective

  2020influential reference
• Eating the Forbidden Fruit: Human Curiosity Entices Data Breaches

  2019cited by this paper
• Response biases in policy compliance research

  2019influential reference
• Organizational formalization and employee information security behavioral intentions based on an extended TPB model

  2019cited by this paper
• Organizational Control Policy, Information Security Deviance, and Moderating Effect of Power Distance Orientation: Organizational Control Policy and Information Security Deviance

  2019influential reference
• A dimension-based information security culture model and its relationship with employees’ security behavior: A case study in Malaysian higher educational institutions

  2019cited by this paper
• Factors influencing the information security behaviour of IT employees

  2019cited by this paper
• Security monitoring and information security assurance behaviour among employees

  2019cited by this paper
• Wishful Thinking and IT Threat Avoidance: An Extension to the Technology Threat Avoidance Theory

  2019cited by this paper
• The Theory of Planned Behavior and Information Security Policy Compliance

  2019cited by this paper
• Evaluating the explanatory power of theoretical frameworks on intention to comply with information security policies in higher education

  2019cited by this paper
• Examining the impact of deterrence factors and norms on resistance to Information Systems Security

  2019influential reference
• Exploring user behavioral data for adaptive cybersecurity

  2019cited by this paper
• Understanding Information Security Behaviours of Tanzanian Government Employees: A Health Belief Model Perspective

  2019cited by this paper
• Impact of Deterrence and Inertia on Information Security Policy Changes

  2019influential reference
• Do I really belong?: Impact of employment status on information security policy compliance

  2019cited by this paper
• Deterrence and Prevention-based Model to Mitigate Information Security Insider Threats in Organisations

  2019influential reference
• Modeling anti-malware use intention of university students in a developing country using the theory of planned behavior

  2019cited by this paper
• The effects of moral disengagement and organizational ethical climate on insiders' information security policy violation behavior

  2019cited by this paper
• Towards an Improved Understanding of Human Factors in Cybersecurity

  2019cited by this paper
• Integrating Cognition with an Affective Lens to Better Understand Information Security Policy Compliance

  2019cited by this paper
• Examining employee computer abuse intentions: insights from justice, deterrence and neutralization perspectives

  2018influential reference
• Security on Autopilot: Why Current Security Theories Hijack our Thinking and Lead Us Astray

  2018cited by this paper
• Are we Predisposed to Behave Securely? Influence of Risk Disposition on Individual Security Behaviours

  2018cited by this paper
• Don't Even Think About It! The Effects of Antineutralization, Informational, and Normative Communication on Information Security Compliance

  2018influential reference
• Costly but effective: Comparing the factors that influence employee anti-malware behaviours

  2018influential reference
• Students’ computers safety behaviors, under effects of cognition and socialization: when gender and job experience influence information security behaviors

  2018influential reference
• Social control through deterrence on the compliance with information security policy

  2018cited by this paper
• Toward a Unified Model of Information Security Policy Compliance

  2018influential reference
• A Deterrence Approach to Regulate Nurses’ Compliance with Electronic Medical Records Privacy Policy

  2017cited by this paper
• Examining the relationship of organizational insiders' psychological capital with information security threat and coping appraisals

  2017cited by this paper
• Individual differences and Information Security Awareness

  2017cited by this paper
• Information Security and People: A Conundrum for Compliance

  2017cited by this paper
• User Motivations in Protecting Information Security: Protection Motivation Theory Versus Self-Determination Theory

  2017cited by this paper
• Optimal database combinations for literature searches in systematic reviews: a prospective exploratory study

  2017cited by this paper
• Determinants of early conformance with information security policies

  2017cited by this paper
• Hacking a Bridge : An Exploratory Study of Compliance-based Information Security Management in Banking Organization

  2017cited by this paper
• Factors Influencing Employees' Participation in Non-Malicious, Information Systems Security Deviant Behavior: Focus on Formal Control Mechanisms and Sanctions

  2017cited by this paper
• Privacy attitudes and privacy behaviour: A review of current research on the privacy paradox phenomenon

  2017influential reference
• Examining the Behavioral Intention of Individuals' Compliance with Information Security Policies

  2017cited by this paper
• Behavioral Approach to Information Security Policy Compliance

  2017cited by this paper
• This is my device! Why should I follow your rules? Employees' compliance with BYOD security policy

  2016cited by this paper
• Factors influencing the intention to comply with data protection regulations in hospitals: based on gender differences in behaviour and deterrence

  2016cited by this paper
• Employees' Adherence to Information Security Policies: A Partial Replication

  2016cited by this paper
• An analysis of multiple factors relating to teachers' problematic information security behavior

  2016cited by this paper
• Malware Avoidance Motivations and Behaviors: A Technology Threat Avoidance Replication

  2016cited by this paper
• Dispositional and situational factors: influences on information security policy violations

  2016cited by this paper
• Continuance of protective security behavior: A longitudinal study

  2016cited by this paper
• Information security conscious care behaviour formation in organizations

  2015cited by this paper
• Proposing the control‐reactance compliance model (CRCM) to explain opposing motivations to comply with organisational information security policies

  2015cited by this paper

• IT ADAPTABILITY AS A CATALYST OF PLANNED CYBER THREATS AVOIDANCE BEHAVIOUR: A MODERATED MEDIATION ANALYSIS

  2025cites this paper