Skip to main content

Theoretical Domains Framework Applied to Cybersecurity Behaviour

  • 559 Accesses

Part of the Advances in Intelligent Systems and Computing book series (AISC,volume 1225)


The challenge of changing user cybersecurity behaviour is now in the foreground of cybersecurity research. To understand the problem, cybersecurity behaviour researchers have included, into their studies, theories from the Psychology domain. Psychology makes use of several behavioural theories to explain behaviour. This leads to the question, which of these theories are best suited to firstly understand cybersecurity behaviour and secondly to change the behaviour for the better. To answer this question, as a prelude to the current paper, previous publications have 1) established a definition for the different categories of cybersecurity behaviour, 2) identified and applied a framework, the Theoretical Domains Framework, that ties different behavioural theories together into one behaviour change framework. The current study is aimed to show the link between the behavioural constructs discussed in the Theoretical Domains Framework to the different cybersecurity behaviour categories. The contribution of the study is towards the implementors of initiatives that aim to change cybersecurity behaviour.


  • Cybersecurity behaviour
  • Theoretical Domains Framework
  • Constructs

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-51971-1_34
  • Chapter length: 18 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   149.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-51971-1
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   199.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.
Fig. 7.
Fig. 8.
Fig. 9.
Fig. 10.


  1. Bada, M., Sasse, A.M., Nurse, J.R.: Cyber security awareness campaigns: why do they fail to change behaviour? arXiv preprint arXiv:1901.02672 (2019)

  2. Holmes, M., Ophoff, J.: Online security behaviour: factors influencing intention to adopt two-factor authentication. In: ICCWS 2019 14th International Conference on Cyber Warfare and Security: ICCWS 2019, p. 123. Academic Conferences and Publishing Limited (2019)

    Google Scholar 

  3. Jansen, J., van Schaik, P.: The design and evaluation of a theory-based intervention to promote security behaviour against phishing. Int. J. Hum.-Comput. Stud. 123, 40–55 (2019)

    CrossRef  Google Scholar 

  4. Reedman, S.: Theoretical Domains Framework – Behaviour Change (2017)

    Google Scholar 

  5. Michie, S., Johnston, M., Abraham, C., Lawton, R., Parker, D., Walker, A.: Making psychological theory useful for implementing evidence based practice: a consensus approach. BMJ Qual. Saf. 14, 26–33 (2005)

    CrossRef  Google Scholar 

  6. Atkins, L., Francis, J., Islam, R., O’Connor, D., Patey, A., Ivers, N., Foy, R., Duncan, E.M., Colquhoun, H., Grimshaw, J.M.: A guide to using the theoretical domains framework of behaviour change to investigate implementation problems. Implement. Sci. 12, 77 (2017)

    CrossRef  Google Scholar 

  7. Mashiane, T., Kritzinger, E.: Cybersecurity behaviour: a conceptual taxonomy. In: IFIP International Conference on Information Security Theory and Practice, pp. 147–156. Springer (2019)

    Google Scholar 

  8. Thompson, N., McGill, T.J., Wang, X.: “Security begins at home”: determinants of home computer and mobile device security behavior. Comput. Secur. 70, 376–391 (2017)

    CrossRef  Google Scholar 

  9. Mashiane, T., Kritzinger, E.: Theoretical domain framework to identify cybersecurity behaviour constructs. In: International Conference on Innovative Technologies and Learning, pp. 320–329. Springer (2019)

    Google Scholar 

  10. Armitage, C.J., Conner, M.: Efficacy of the theory of planned behaviour: a meta-analytic review. Br. J. Soc. Psychol. 40, 471–499 (2001)

    CrossRef  Google Scholar 

  11. Cane, J., Richardson, M., Johnston, M., Ladha, R., Michie, S.: From lists of behaviour change techniques (BCTs) to structured hierarchies: comparison of two methods of developing a hierarchy of BCTs. Br. J. Health. Psychol. 20, 130–150 (2015)

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Thulani Mashiane .

Editor information

Editors and Affiliations



See Tables 2 and 3.

Table 2. Theoretical domains theory [11]
Table 3. Papers included in the study

Rights and permissions

Reprints and Permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Mashiane, T., Kritzinger, E. (2020). Theoretical Domains Framework Applied to Cybersecurity Behaviour. In: Silhavy, R. (eds) Artificial Intelligence and Bioinspired Computational Methods. CSOC 2020. Advances in Intelligent Systems and Computing, vol 1225. Springer, Cham.

Download citation