Persona-Driven Information Security Awareness.

Ki-Aries, D and Faily, S., 2016. Persona-Driven Information Security Awareness. In: 30th British HCI Group Annual Conference on People and Computers: Fusion, 11-15 July 2016, Bournemouth, UK.

Full text available as:

kifa16.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.


Official URL:


Because human factors are a root cause of security breaches in many organisations, security awareness activities are often used to address problematic behaviours and improve security culture. Previous work has found that personas are useful for identifying audience needs & goals when designing and implementing awareness campaigns. We present a six-step security awareness process both driven by and centred around the use of personas. This can be embedded into business-as-usual activities, with 90-day cycles of awareness themes. We evaluated this process by using it to devise a security awareness campaign for a digital agency. Our results suggest a persona-centred security awareness approach is adaptable to business constraints, and contributes towards addressing security risks.

Item Type:Conference or Workshop Item (Paper)
Uncontrolled Keywords:Information Security; Security Awareness; Personas
Group:Faculty of Science and Technology
ID Code:23808
Deposited By: Unnamed user with email symplectic@symplectic
Deposited On:10 Jun 2016 13:05
Last Modified:19 Jul 2016 14:12


Downloads per month over past year

More statistics for this item...
Repository Staff Only -