Cognitive dissonance in cybersecurity – a review and research agenda

Schaik, Paul van and Renaud, Karen (2026) Cognitive dissonance in cybersecurity – a review and research agenda. Information and Computer Security. ISSN 2056-4961 (https://doi.org/10.1108/ICS-12-2025-0509)

Preview

Text. Filename: Schaik-Renaud-ICS-2026-Cognitive-dissonance-in-cybersecurity-a-research.pdf Accepted Author Manuscript License: Download (2MB)| Preview

Abstract

Purpose: This paper aims to provide: (a) an outline and description of cognitive dissonance theory; (b) an overview of cognitive dissonance interventions; (c) a high-level view of cognitive dissonance theory (CDT) research; (d) a review of existing mentions of cognitive dissonance, and studies meaningfully applying CDT to cybersecurity; (e) suggestions for future research. Design/Methodology: We conducted a general review of cognitive-dissonance research and three literature reviews of: (a) cognitive dissonance at a high level, (b) cognitive-dissonance interventions and (c) cognitive dissonance in cybersecurity. Findings: Cognitive-dissonance theory is compact and widely applicable. Cognitive-dissonance theory paradigms provide a basis for interventions across domains. Awareness of cognitive dissonance is relatively widespread in the cybersecurity literature. Many publications mentioned cognitive dissonance in passing. However, less than 13% of publications meaningfully focused on cognitive dissonance. Research Implications: Cognitive-dissonance theory provides concepts and techniques to develop further insight into the cybersecurity attitude-behaviour gap. These have the potential to help bridge the gap and thereby increase cybersecure behaviour. Such interventions should be designed and evaluated in future research. Originality: This paper makes an original contribution to cybersecurity research by identifying: (a) cognitive-dissonance paradigms that form the potential basis for interventions to increase cybersecure behaviour, (b) cybersecurity areas that potentially benefit from such interventions and other areas in which cognitive-dissonance theory has been meaningfully applied; (c) directions for future research, most notably focusing on how to apply cognitive-dissonance-based interventions.

ORCID iDs

Renaud, Karen ORCID: https://orcid.org/0000-0002-7187-6531

• Share and Export
  

  RDF+XMLSimple MetadataMETSData Cite XMLAtomMultiline CSVOpenURL ContextObject in SpanOpenURL ContextObjectOPENAIREEP3 XMLASCII CitationReferHTML CitationBibTeXRIOXX2 XMLDublin CoreRefWorksRDF+N3MODSRIS (EndNote Online, Zotero, Ref manager, etc)RDF+N-TriplesMPEG-21 DIDLEndNoteJSON
• Item metadata

  Item type:	Article
  ID code:	96188
  Dates:	Date Event 1 June 2026 Published 1 June 2026 Published Online 6 May 2026 Accepted
  Subjects:	Science > Mathematics > Electronic computers. Computer science > Other topics, A-Z > Human-computer interaction
  Department:	Faculty of Science > Computer and Information Sciences
  Depositing user:	Pure Administrator
  Date deposited:	07 May 2026 09:55
  Last modified:	10 Jun 2026 00:23
  Related URLs:	Journal or Publication
  URI:	https://strathprints.strath.ac.uk/id/eprint/96188