Abstract Human behaviour in cybersecurity is often assessed through self‐reported measures, which may obscure the gap between individuals' intentions and actual actions. This study takes an interdisciplinary approach by combining psychological measurement and machine learning to investigate the role of individual differences and other factors in this intention‐behaviour gap within cybersecurity contexts. Using a decision tree classifier, we analysed the impact of demographic and sociodemographic factors, personality traits, individual differences, internet usage patterns, exposure to offences, risk‐taking tendencies and risk perceptions on cybersecurity behaviours. In the first phase, 619 participants completed validated psychological assessments to evaluate their characteristics, personality traits and cybersecurity intentions. In the second phase, 301 participants interacted with a purpose‐built website designed to assess whether their reported intentions aligned with their observable behaviours. The results revealed a significant divergence between intentions and actions, with individual differences, personality traits and conservative behavioural tendencies emerging as key predictors of this gap. These findings highlight the importance of incorporating psychological frameworks to understand complex human behaviours in cybersecurity better. This research offers valuable insights into the psychological mechanisms and individual differences driving digital behaviour, emphasising the need for tailored strategies to bridge the intention‐action gap and improve cybersecurity practices.
Ceran et al. (Fri,) studied this question.