查看文章

Employee is frequently referred to as the weakest link in the cyber security in an organization. Differences in the employees’ personality makes it hard for any organization to design a proper mitigation strategy in order to prevent them from being a victim of phishing attack. Besides, users’ general life experience and technological experience will also influence the type of user’s personality traits while handling or interacting with the security system, which affects their susceptibility towards phishing. The objective of this paper is to examine the personality traits that influence phishing susceptibility among employees in a workplace, and to investigate the influence of employees’ experience in shaping employees’ personality and consequently their behaviour in resisting phishing attack. This study used quantitative method. A survey (N= 252) of employees in mid-sized IT related companies in Malaysia attempted to identify individual’s characteristics that relate to phishing susceptibility and characterize the higherrisk employees that pose threats to the companies. This paper presents three notable findings. First, the results of correlation analysis emphasized the importance of employees’ technical and general experience in shaping their personality to resist phishing attack. Secondly, the results of correlation analysis show that conscientiousness and self-monitoring personality traits were positively related with employee’s secure behaviour towards phishing threats. Finally, this study concluded that extroversion personality had the strongest influence towards phishing susceptibility, followed by self-monitoring, agreeableness and conscientiousness. The …