Abstract
Most of the research carried out in cybersecurity considers the technical aspects of the security of an organisation’s systems. This work highlights the importance of considering the ‘softer’ social side of cyber security that looks at the lived experiences of phishing attack victims and the effect of such attacks on work engagement. In order to understand these effects, the study adopted the grounded theory (GT) approach to collecting and analysing data elicited from participants. The participants were theoretically sampled from the metropole area of Johannesburg and presented lived experiences of phishing attacks in their unique contexts. The data were transcribed and coded using GT techniques. From the codes, categories were derived, and substantive theory that explains the effects of phishing attack victims on work engagement was generated. The implications of this theory compared to previous theories and scholars and practitioners are discussed.
Keywords: Cybersecurity, Phishing, Work Engagement, Grounded Theory.