Gamification in workforce training: Improving employees ' self-efficacy and information security and data protection behaviours

This research aims to address two questions: (1) how can gamification strategies increase success of e-training systems and enhance employees' information security and data protection self-efficacy? and (2) do gamified etraining systems improve employees' information security and data protection behaviours? Drawing on the information systems success literature, this research offers new insights into gamified information security and data protection e-trainings through two studies. Study 1 analyses the perceptions of 1,178 employees of an international company using structural equation modelling. The results show that gamification significantly influences information quality, system quality and enjoyment which, in turn, increase perceived usefulness and satisfaction. Perceived usefulness also enhances satisfaction, and both variables improve security self-efficacy. Study 2 investigates the employees' behaviours by analysing their responses to phishing. The results confirm that gamified e-training improves employees' security behaviours, as it reduces the percentage of employees who click on a phishing attack and promotes positive reactions.