https://9p7pzq3jbl.execute-api.us-east-1.amazonaws.com/ProdStage Skip to main content
Publications
Advanced Search

View metadata

dc.titleGeneral Skills Training for Public Employees: Experimental Evidence on Cybersecurity Training in Argentina
dc.contributor.authorKeefer, Philip
dc.contributor.authorRoseth, Benjamin
dc.contributor.authorSantamaria, Julieth
dc.contributor.orgunitInstitutional Capacity of the State Division
dc.contributor.orgunitInstitutions for Development Sector
dc.coverageArgentina
dc.coverageLatin America
dc.date.available2024-10-18T00:10:00
dc.date.issue2024-10-18T00:10:00
dc.description.abstractCyberattacks have risen to become one of the most critical global risks. Despite increasing investments to combat cyberattacks, there remains a significant, often unnoticed vulnerability: employees. Previous literature reveals that over two-thirds of cyberattacks within organizations result from employee negligence. While strengthening cybersecurity through employee training is essential, traditional methods often fall short. In this study, we tested different approaches to reduce risk exposure to phishing, one of the most common types of cyberattacks, focusing on a sector and context unaddressed by previous literature: the public sector in a developing country (Argentina). We randomly allocated 1,918 public servants to a control group and two treatment groups to compare the effectiveness of online trainingcommonly used to promote behavior changes on ancillary workplace topics such as ethics, discrimination, and data protectionversus a "learning-by-doing" approach, which involved sending repeated phishing emails followed by educational emails. Our findings indicate that the learning-by-doing approach is superior for enhancing phishing email detection, resulting in fewer phishing emails opened, fewer clicks on phishing links, and improved reporting of suspicious emails. This strategy is particularly effective among permanent public officials compared to contractors, as well as among female employees. These findings not only inform organizational cybersecurity practices but also have broader implications for influencing employee behavior on other important workplace topics.
dc.format.extent33
dc.identifier.doihttp://dx.doi.org/10.18235/0013202
dc.identifier.urlhttps://publications.iadb.org/publications/english/document/General-Skills-Training-for-Public-Employees--Experimental-Evidence-on-Cybersecurity-Training-in-Argentina.pdf
dc.language.isoen
dc.publisherInter-American Development Bank
dc.subjectPublic Employment
dc.subjectCybercrime
dc.subjectCybersecurity Capacity
dc.subjectCyber Resilience
dc.subjectLabor Force
dc.subjectCybersecurity Policy
dc.subjectCybersecurity
dc.subjectRating
dc.subjectDigital Training
dc.subjectSkills
dc.subjectLearning
dc.subjectPopulation Aging
dc.subject.jelcodeN46 - Latin America • Caribbean
dc.subject.keywordscybercrime;phishing;cyberterroism
dc.typeWorking Papers
idb.identifier.pubnumberIDB-WP-01643
idb.operationAR-E0005
Return to Publication