Routing Cybersecurity Awareness Training by FFM Personality Trait: A Quasi-Experimental Evaluation

Computer Science > Cryptography and Security [Submitted on 23 May 2026] Routing Cybersecurity Awareness Training by FFM Personality Trait: A Quasi-Experimental Evaluation Glory Okwata, Mohammad A. Razzaque Cybersecurity awareness training has historically adopted a one-size-fits-all approach, despite established individual differences in how users process and retain security information. Personality has been proposed as one axis along which training content might be tailored; yet no prior study has implemented and empirically evaluated a complete personality-conditional system end-to-end. This paper reports the design, implementation, and quasi-experimental evaluation of \emph{TailoredSec}, a mobile cybersecurity awareness application that routes training content based on a user's dominant Five-Factor Model (FFM) personality trait, as measured by the ten-item Big Five Inventory (BFI-10). Seventy-four UK-based adults were allocated to a traditional video-training condition (n = 40) or a personality-conditional condition (n = 34). Both groups completed a four-item scenario-based pre-assessment (scored 0--40), a single training session, and an equivalent post-assessment. The personality-conditional group additionally completed the BFI-10 (Big Five Inventory-10) and was routed to one of four training modules covering five FFM traits (Conscientiousness and Neuroticism share a module). Pre-assessment scores did not differ between groups (t(69.1) = 0.43, p = .67), confirming baseline equivalence. The personality-conditional group scored significantly higher on the post-assessment (M = 35.88, SD = 5.00 vs M = 30.75, SD = 10.23; Welch's t(58.5) = 2.81, p = .007; Cohen's d = 0.62; 95\% CI [1.47, 8.79] marks), with a pass-rate of 100\% versus 77.5\% (Fisher's exact p < .01). These results offer preliminary support for personality-conditional content routing as a feasible design principle for cybersecurity awareness training. Comments: Submitted to Computers & Security (Elsevier) Journal Subjects: Cryptography and Security (cs.CR); Human-Computer Interaction (cs.HC) Cite as: arXiv:2605.24551 [cs.CR]   (or arXiv:2605.24551v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2605.24551 Focus to learn more Submission history From: Mohammad Abdur Razzaque Dr. [view email] [v1] Sat, 23 May 2026 12:39:02 UTC (1,877 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-05 Change to browse by: cs cs.HC References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)