Empirical investigation of the determinants of cybersecurity behaviour among South Africans

Abstract

Cybercrime is a borderless threat that affects both developed and developing countries and continues to grow. According to the International Business Machines Corporation (IBM), in 2022 the average cost of data breach across the globe was $4.35 million. The COVID-19 pandemic significantly accelerated the digital landscapes of many countries, including South Africa. Subsequently, there was an increase in incidents of cyberattacks globally. Good cybersecurity behaviour encompasses the actions undertaken by individuals to protect their data, devices, and networks from cyberattacks. Consequently, this study investigated the factors that could influence the cybersecurity behaviours of South Africans and determine the factors that could exert the greatest impact on their cybersecurity behaviours. The study employed an online questionnaire to collect data from a sample of 329 South African participants. The theoretical frameworks used included Theory of Planned Behaviour (TPB) and the Protection Motivation Theory (PMT). The findings revealed that an individual's intention to engage in good cybersecurity behaviours is significantly influenced by their Attitude towards good cybersecurity behaviours, Subjective norms, Perceived severity, and Response efficacy. Moreover, the study results revealed Perceived severity as a mediator in the relationship between Perceived vulnerability and Intention to practice good cybersecurity behaviours. The research findings underscore the importance of influencing these factors to effectively promote good cybersecurity behaviours amongst South Africans. Targeting and changing Attitudes towards good cybersecurity behaviours, Subjective norms, Perceived severity, and Response efficacy, could increase the practice of good cybersecurity behaviours in South Africans and mitigate the risks associated with cyberthreats.