Unraveling influential factors shaping employee cybersecurity behaviors: an empirical investigation of public servants in Vietnam

Government employees must comply with policies on information security regulations, online security practices, social networking usage, internet addiction, online cyberthreats and other related habits. These activities are considered cybersecurity behaviors. Government social media (GSM) accounts are increasingly used to educate employees about cybersecurity risks. To support the effectiveness of cybersecurity practices in government organizations, the purpose of this study is to investigate the impacts of GSM and organizational policy compliance on employees’ cybersecurity awareness, motivation and behaviors.

Data were obtained by administering a questionnaire survey to public personnel in Vietnam. A total of 330 valid responses were obtained, and the research hypotheses were tested using partial least squares–structural equation modeling.

First, cybersecurity awareness enhances information protection motivation and employee protective behavior. Second, GSM has positive impacts on cybersecurity knowledge and information protection motivation. Third, there is a strong positive association between information protection motivation and employee protective behavior. Finally, while organizational compliance significantly increases cybersecurity awareness, its impact on employee protective behavior is ind irect.

This research enhances the literature on the behavioral dimension of cybersecurity. The primary objective of this study is to assess the influence of cybersecurity awareness on protective behaviors rather than intents and attitudes alone. Furthermore, this research integrates protection motivation theory and cultivation theory to provide a more thorough assessment of cybersecurity awareness and protective behavior. By investigating the impact of GSM on the level of cybersecurity awareness among employees within government organizations, this study provides valuable insights into the efficacy of recent governmental initiatives aimed at fostering cybersecurity.