University of Nebraska-Lincoln
Research shows security awareness lacks a uniform definition. This paper explores the various attempts that have been made to define security awareness and then presents a clear and concise definition of security awareness. Due to the lack of a behaviorally-oriented measurement, security awareness has relied on the use of self-reported questionnaires and surveying users through this same type of instrument. These attempts assume that knowledge of security awareness leads to correspondingly correct behavior, without attempting any field validation that this paradigm holds true.