Computer Security and Risky Computing Practices

Aytes, Kregg; Connolly, Terry

doi:10.4018/9781599049458.ch115

Cited by 23 publications

(42 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Research also found that people were willing to undertake risky practices. Individuals were actually rewarded as they were seen as helpful for allowing an event to take place without applying security controls or practice .…”

Section: Human Behaviourmentioning

confidence: 99%

Human behaviour as an aspect of cybersecurity assurance

Evans

Μαγλαράς

et al. 2016

Security Comm Networks

105

View full text Add to dashboard Cite

There continue to be numerous breaches publicised pertaining to cybersecurity despite security practices being applied within industry for many years. This paper is intended to be the first in a number of papers as research into cybersecurity assurance processes. This paper is compiled based on current research related to cybersecurity assurance and the impact of the human element on it. The objective of this work is to identify elements of cybersecurity that would benefit from further research and development based on the literature review findings. The results outlined in this paper present a need for the cybersecurity field to look in to established industry areas to benefit from effective practices such as human reliability assessment, along with improved methods of validation such as statistical quality control in order to obtain true assurance. The paper proposes the development of a framework that will be based upon defined and repeatable quantification, specifically relating to the range of human aspect tasks that provide or are intended not to negatively affect cybersecurity assurance.

show abstract

Section: Human Behaviourmentioning

confidence: 99%

Human behaviour as an aspect of cybersecurity assurance

Evans

Μαγλαράς

et al. 2016

Security Comm Networks

105

View full text Add to dashboard Cite

show abstract

“…Researchers have recently noticed that technology alone is insufficient to ensure security and have started to pay attention to the human aspect of security (Anderson and Agarwal, 2006;Aytes and Terry, 2004;Ng et al, 2009;Woon et al, 2005;Workman et al, 2008). Yet, knowledge about user security behaviors is far from complete.…”

Section: Introductionmentioning

confidence: 99%

Understanding Security Behaviors in Personal Computer Usage: A Threat Avoidance Perspective

Liang¹,

Xue²

2010

JAIS

349

305

View full text Add to dashboard Cite

This study aims to understand the IT threat avoidance behaviors of personal computer users. We tested a research model derived from Technology Threat Avoidance Theory (TTAT) using survey data. We find that users' IT threat avoidance behavior is predicted by avoidance motivation, which, in turn, is determined by perceived threat, safeguard effectiveness, safeguard cost, and self-efficacy. Users develop a threat perception when they believe that the malicious IT is likely to attack them (perceived susceptibility) and the negative consequences will be severe if they are attacked (perceived severity). When threatened, users are more motivated to avoid the threat if they believe that the safeguarding measure is effective (safeguard effectiveness) and inexpensive (safeguard cost) and they have confidence in using it (self-efficacy). In addition, we find that perceived threat and safeguard effectiveness have a negative interaction on avoidance motivation so that a higher level of perceived threat is associated with a weaker relationship between safeguard effectiveness and avoidance motivation or a higher level of safeguard effectiveness is associated with a weaker relationship between perceived threat and avoidance motivation. These findings provide an enriched understanding about personal computer users' IT threat avoidance behavior.

show abstract

“…Facilitating conditions refers to the help and assistance that is available to users as they use their passwords. Facilitating conditions was measured using 6 items which are based on items from Aytes and Connolly (2004). Simple statements and a scenario involving a forgotten password were provided and the participants asked to rate their degree of agreement or disagreement using a 5 point Likert scale ranging from "strongly disagree" to "strongly agree".…”

Section: Facilitating Conditionsmentioning

confidence: 99%

“…Secure behavior intention relates to a participant's intention to use their passwords in a secure fashion. The items used to measure secure behavior intention are based on items from Aytes and Connolly (2004), Ng and Rahim (2005), and Brown et al (2002). Secure behavior intention was measured using 7 items relating to a scenario based around proper password hygiene.…”

Section: Secure Behavior Intentionmentioning

confidence: 99%