Taking Risks With Cybersecurity: Using Knowledge and Personal Characteristics to Predict Self-Reported Cybersecurity Behaviors

Kennison, Shelia M.; Chan-Tin, Eric

doi:10.3389/fpsyg.2020.546546

Cited by 41 publications

(23 citation statements)

References 63 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In another recent study, findings suggested that not only were riskier CS behaviors highly related to CS breaches in general, but that training to increase the use of best practices such as password complexity did not effectively compensate for the problematic behavior. 28 In this study, significant findings related primarily to one's proficiency and competence could also represent a hidden risk in that scores suggestive of greater competence may result from a desire to appear more competent about CS than the respondent actually is. Another result that seems to have particularly salient implications is that perceived severity and perceived experience were the strongest predictors of perceived vulnerability.…”

Section: Discussionmentioning

confidence: 78%

Perceived Vulnerability As a Determinant of Increased Risk for Cybersecurity Risk Behavior

Debb

McClellan

2021

Cyberpsychology, Behavior, and Social Networking

View full text Add to dashboard Cite

There is interest in better understanding people's cybersecurity (CS)-related attitudes and behaviors, which are ultimately impacted by their perceived vulnerability to CS risks. There is a relationship between how risk is perceived and how someone acts, with protection motivation theory (PMT) providing a particularly salient framework for explaining this connection. Exploration of how one perceives his or her own vulnerability to CS victimization is essential to understanding this interaction, and risk mitigation of threats relies heavily on the human despite increased reliance on digital technologies such as machine learning that can be used proactively and in real time yet are still impacted by human behavior. This study sought to examine the information security attitudes and behaviors that contribute to perceived CS vulnerability. A convenience sample of 612 college students sampled from two public universities in the United States completed a brief demographic survey and the Online Security Behavior and Beliefs Questionnaire. The instrument demonstrated good internal reliability with an index of perceived vulnerability significantly and positively correlating with multiple subscales. Linear regression indicated subscales that tended to focus more on one's inner belief that he or she is capable and competent enough to understand the nature of CS risks was predictive of perceived vulnerability, potentially resulting from a social desirability response bias which yielded an overly favorable self-report. PMT suggests that knowledge is an essential factor influencing decision making and results of this study suggest that perceived vulnerability may depend upon the appraisal of experience more so than one's actual knowledge or competence.

show abstract

Section: Discussionmentioning

confidence: 78%

Perceived Vulnerability As a Determinant of Increased Risk for Cybersecurity Risk Behavior

Debb

McClellan

2021

Cyberpsychology, Behavior, and Social Networking

View full text Add to dashboard Cite

show abstract

“…Recently, a study by Kannison and Chan-Tin [45] found a relationship between psychological features and safety behaviors, therefore confirming the relevance of the human component in the implementation of safety behaviors.…”

Section: Behavior Analysis: a Primermentioning

confidence: 75%

Getting Rid of the Usability/Security Trade-Off: A Behavioral Approach

Nocera

Tempestini

2022

JCP

View full text Add to dashboard Cite

The usability/security trade-off indicates the inversely proportional relationship that seems to exist between usability and security. The more secure the systems, the less usable they will be. On the contrary, more usable systems will be less secure. So far, attempts to reduce the gap between usability and security have been unsuccessful. In this paper, we offer a theoretical perspective to exploit this tradeoff rather than fight it, as well as a practical approach to the use of contextual improvements in system usability to reward secure behavior. The theoretical perspective, based on the concept of reinforcement, has been successfully applied to several domains, and there is no reason to believe that the cybersecurity domain will represent an exception. Although the purpose of this article is to devise a research agenda, we also provide an example based on a single-case study where we apply the rationale underlying our proposal in a laboratory experiment.

show abstract

“…, keeping anti-virus software up to date). Meanwhile, Kennison & Chan-Tin (2020) reported rather different results: extraversion, agreeableness, and emotional stability -not openness nor conscientiousness- explain why some users are prone to commit risky cyber behaviors ( e.g. , not signing out of a shared computer, sharing password with someone else) while others are not.…”

Section: Theoretical Frameworkmentioning

confidence: 98%

Security awareness of single sign-on account in the academic community: the roles of demographics, privacy concerns, and Big-Five personality

Pratama

Firmansyah

Rahma

2022

PeerJ Computer Science

View full text Add to dashboard Cite

Single sign-on (SSO) enables users to authenticate across multiple related but independent systems using a single username and password. While the number of higher education institutions adopting SSO continues to grow, little is known about the academic community’s security awareness regarding SSO. This paper aims to examine the security awareness of SSO across various demographic groups within a single higher education institution based on their age, gender, and academic roles. Additionally, we investigate some psychological factors (i.e., privacy concerns and personality traits) that may influence users’ level of SSO security awareness. Using survey data collected from 283 participants (faculty, staff, and students) and analyzed using a hierarchical linear regression model, we discovered a generational gap, but no gender gap, in security awareness of SSO. Additionally, our findings confirm that students have a significantly lower level of security awareness than faculty and staff. Finally, we discovered that privacy concerns have no effect on SSO security awareness on their own. Rather, they interact with the user’s personality traits, most notably agreeableness and conscientiousness. The findings of this study lay the groundwork for future research and interventions aimed at increasing cybersecurity awareness among users of various demographic groups as well as closing any existing gaps between them.

show abstract

Taking Risks With Cybersecurity: Using Knowledge and Personal Characteristics to Predict Self-Reported Cybersecurity Behaviors

Cited by 41 publications

References 63 publications

Perceived Vulnerability As a Determinant of Increased Risk for Cybersecurity Risk Behavior

Perceived Vulnerability As a Determinant of Increased Risk for Cybersecurity Risk Behavior

Getting Rid of the Usability/Security Trade-Off: A Behavioral Approach

Security awareness of single sign-on account in the academic community: the roles of demographics, privacy concerns, and Big-Five personality

Contact Info

Product

Resources

About