SlideShare une entreprise Scribd logo

Components of a Model of Cybersecurity Behavior Adoption

Cori Faklaris
Cori Faklaris

Cori Faklaris presented a model for understanding the process of adopting or not adopting cybersecurity behaviors. Existing models focus on concepts like expectancy and value but do not account for time or how thinking evolves. Stage models break the process into chunks like stages of change. Faklaris proposes exploring whether there are two trajectories for adoption - mandatory behaviors imposed by authorities versus voluntary behaviors influenced more by peers. The goal is to specify stages to target security interventions more effectively and improve adoption of behaviors.

Technologie
1  sur  21
Télécharger pour lire hors ligne
Components of a Model of Cybersecurity Behavior Adoption Cori Faklaris, Carnegie Mellon University Workshop on Security Information Workers Symposium on Usable Privacy and Security Aug. 8, 2021 August 2021
Agenda ▪ Introduction ▪ Existing models and their relevant components ▪ Overview of my thesis research to start defining the learning/adoption trajectories for end-user cybersecurity behavior ▪ Implications Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 2
About Cori (@heycori) ▪ 5th year PhD candidate and researcher at the Human-Computer Interaction Institute, School of Computer Science, Carnegie Mellon University. ▪ Knight Fellow of the Center for Informed Democracy and Social Cybersecurity (IDeaS); CMU Presidential Fellow of the CyLab Security & Privacy Institute. ▪ Co-principal investigator on the NSF Social Cybersecurity project at the HCII (https://socialcybersecurity.org/ ). ▪ Past career in journalism, IT and social media (https://corifaklaris.com). ▪ Published at the USENIX Symposium on Usable Privacy and Security (SOUPS) and in Proceedings of the ACM: Human-Computer Interaction (CSCW), other venues. 3
Problem: Cyberdefense (Non-) Adoption ▪ Computing systems are increasingly central to society. ▪ But, many people do not understand enough about how they work - or what cyber-threats to guard against. ▪ Meanwhile, global costs of cybercrime jumped >50% in 2019-20, to over $1T. Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 4 Ruogu Kang, Laura Dabbish, Nathaniel Fruchter, and Sara Kiesler. 2015. “My Data Just Goes Everywhere:” User Mental Models of the Internet and Implications for Privacy and Security. In Symposium on Usable Privacy and Security (SOUPS), USENIX Association Berkeley, CA, 39–52. Retrieved from https://www.usenix.org/conference/soups2015/proceedings/presentation/kang Zhanna Malekos Smith, Eugenia Lostri, and James A Lewis. 2020. The Hidden Costs of Cybercrime. McAfee.
Problem: Cyberdefense (Non-) Adoption ▪ Enterprise security training can cost around $300,000 + 100s of staff hours. ▪ Difficult to persuade users to accept and adopt security measures when they or their peers do not view these measures positively. Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 5 Tara Seals. 2017. Cost of User Security Training Tops $290K Per Year. Infosecurity Magazine. Retrieved January 20, 2021 from https://www.infosecurity-magazine.com:443/news/cost-of-user-security-training/ Cori Faklaris, Laura Dabbish, and Jason I Hong. 2019. A Self-Report Measure of End-User Security Attitudes (SA-6). In Proceedings of the Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019), USENIX Association Berkeley, CA, Santa Clara, CA, 18. Retrieved from https://www.usenix.org/system/files/soups2019-faklaris.pdf Sauvik Das, Adam D.I. Kramer, Laura A. Dabbish, and Jason I. Hong. 2015. The Role of Social Influence in Security Feature Adoption. In Proceedings of the 18th ACM Conference on Computer Supported Cooperative Work & Social Computing (CSCW ’15), ACM, New York, NY, USA, 1416–1426. DOI:https://doi.org/10.1145/2675133.2675225
To reduce costs and improve awareness + adoption, we should apply insights from: ▪ social psychology, ▪ marketing, and ▪ public health. 6 Key Insight for Cyberdefense
An empirical understanding of the cyberdefense adoption process will help us to specify the mental states and social influences acting at each step, leading to better targeting and timing of security interventions. 7 My Thesis
8 Cori Faklaris. 2021. Components of a Model of Cybersecurity Behavior Adoption. In Workshop on Security Information Workers. Retrieved from https://corifaklaris.com/files/Faklaris_WS IW2021_stagemodels.pdf ● Many models of behavior adoption focus on concepts of expectancy (how likely it is thought that a desired, instrumental outcome will occur) and value (how much the outcome has importance or utility). ● They do not account for time or how thinking evolves. Search string in Google Scholar using an "incognito" browser window in July 2021 Results fogg behavior model and cybersecurity 395 decisional balance theory and cybersecurity 1210 prospect theory and cybersecurity 13700 health belief model and cybersecurity 19500 theory of reasoned action and cybersecurity 18900 theory of planned behavior and cybersecurity 25000 protection motivation theory and cybersecurity 27800 technology acceptance model and cybersecurity 31300 Focus: Understand Process of Cyberdefense (Non-) Adoption Theoretical Modeling Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 8
Theory of Planned Behavior (TPB) 9
Protection Motivation Theory (PMT) 10
Technology Acceptance Model (TAM) 11
12 Cori Faklaris. 2021. Components of a Model of Cybersecurity Behavior Adoption. In Workshop on Security Information Workers. Retrieved from https://corifaklaris.com/files/Faklaris_WS IW2021_stagemodels.pdf ● Stage models of behavior change account for the progress of time, breaking the continuum into chunks. ● The Transtheoretical Model sees change as a cyclical process, in which the associated processes of change help move people from one stage to the next. ● The Precaution Adoption Process Model break down “inaction” into unawareness, unengaged, undecided, and decided not to act; “action’ stages are like TTM. ● The Diffusion of Innovations process model accounts for more “action” stage changes such as confirmation, later adoption, and discontinuance of adoption. Search string in Google Scholar using an "incognito" browser window in July 2021 Results transtheoretical model and cybersecurity 112 precaution adoption process model and cybersecurity 9610 diffusion of innovations and cybersecurity 17300 Focus: Understand Process of Cyberdefense (Non-) Adoption Theoretical Modeling
Transtheoretical Model (TTM) 13 Experiential processes Behavioral processes
Diffusion of Innovations (DoI) Process Model 14
RQ: What stages do people go through in adoption (or non-adoption) of cybersecurity behaviors? 15
Phase 3 Method: Exploratory Sequential Mixed-Methods 16 John W. Creswell and J. David Creswell. 2017. Research Design: Qualitative, Quantitative, and Mixed Methods Approaches. SAGE Publications. Retrieved from https://play.google.com/store/books/details?id=KGNADwAAQBAJ Surveys Interviews Analysis Survey Design Analysis Triangulation and Integration Phase 1 - Qualitative Phase 2 - Quantitative
Mandatory adoption Cybersecurity has two different learning/ adoption trajectories Voluntary adoption 17 Learning Persuasion Adoption Learning Threat Authorities Adoption Threat Peers/Media Persuasion Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 17
Implications: Specify how the stages might vary for different security measures For tool-based practices such as password managers, 2FA authentication: How many are aware of, motivated, and/or able to use each of the tools? How much do social influences and voluntariness weigh in the decision to adopt? Why do people stop using the tools, once adopted? For knowledge-based practices such as timely updates, alertness to “fake news”: How many people are aware of which practices have merit, and when? Which cognitions or contexts cue them to act out practices? Whiat defeats their intention to act out practices? 18 Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 18
Outcome: Stage Model of Cybersecurity Behavior Adoption ▪ Moves the field of usable security away from “one size fits all” strategies ▪ Use to create a classification algorithm to direct resources, “interventions” (such as security tips or interface nudges) to those most likely to benefit. ▪ Boost effectiveness of cybersecurity risk assessments in resource-tight orgs ▪ Help adoption researchers to sharpen strategies, build business value Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 19
Future work Collect experimental evidence for targeting security interventions by stage and by tool: ▪ Password managers ▪ Software updates Examine how this and/or other stage models, such as Diffusion of Innovations, can be adapted for enterprise teams Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 20
Mandatory adoption What are your questions / feedback on these ideas? Voluntary adoption 21 Learning Persuasion Adoption Learning Threat Authorities Adoption Threat Peers/Media Persuasion Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 21

Recommandé

Behavior Change Using Social Influences
Behavior Change Using Social InfluencesBehavior Change Using Social Influences
Behavior Change Using Social InfluencesCori Faklaris
 
Ethics and Big Data
Ethics and Big Data Ethics and Big Data
Ethics and Big Data Pew Research Center's Internet & American Life Project
 
The Internet of Things and Future Shock: Too Much Change Too Fast?
The Internet of Things and Future Shock: Too Much Change Too Fast?The Internet of Things and Future Shock: Too Much Change Too Fast?
The Internet of Things and Future Shock: Too Much Change Too Fast?Pew Research Center's Internet & American Life Project
 
LEPC: Social media and disasters
LEPC: Social media and disastersLEPC: Social media and disasters
LEPC: Social media and disastersDuty Officer
 
Toolkit on factchecking by shreedeep rayamajhi
Toolkit on factchecking by shreedeep rayamajhiToolkit on factchecking by shreedeep rayamajhi
Toolkit on factchecking by shreedeep rayamajhiShreedeep Rayamajhi
 
Report on data breach and privacy in nepal during covid19 by shreedeep rayamajhi
Report on data breach and privacy in nepal during covid19 by shreedeep rayamajhiReport on data breach and privacy in nepal during covid19 by shreedeep rayamajhi
Report on data breach and privacy in nepal during covid19 by shreedeep rayamajhiShreedeep Rayamajhi
 
Final survey on disinformation and its practice during covid 19 in developing...
Final survey on disinformation and its practice during covid 19 in developing...Final survey on disinformation and its practice during covid 19 in developing...
Final survey on disinformation and its practice during covid 19 in developing...Shreedeep Rayamajhi
 
Privacy and Security on Social Media
Privacy and Security on Social MediaPrivacy and Security on Social Media
Privacy and Security on Social MediaYogeshIJTSRD
 

Recommandé

Behavior Change Using Social Influences
Behavior Change Using Social InfluencesBehavior Change Using Social Influences
Behavior Change Using Social InfluencesCori Faklaris
 
Ethics and Big Data
Ethics and Big Data Ethics and Big Data
Ethics and Big Data Pew Research Center's Internet & American Life Project
 
The Internet of Things and Future Shock: Too Much Change Too Fast?
The Internet of Things and Future Shock: Too Much Change Too Fast?The Internet of Things and Future Shock: Too Much Change Too Fast?
The Internet of Things and Future Shock: Too Much Change Too Fast?Pew Research Center's Internet & American Life Project
 
LEPC: Social media and disasters
LEPC: Social media and disastersLEPC: Social media and disasters
LEPC: Social media and disastersDuty Officer
 
Toolkit on factchecking by shreedeep rayamajhi
Toolkit on factchecking by shreedeep rayamajhiToolkit on factchecking by shreedeep rayamajhi
Toolkit on factchecking by shreedeep rayamajhiShreedeep Rayamajhi
 
Report on data breach and privacy in nepal during covid19 by shreedeep rayamajhi
Report on data breach and privacy in nepal during covid19 by shreedeep rayamajhiReport on data breach and privacy in nepal during covid19 by shreedeep rayamajhi
Report on data breach and privacy in nepal during covid19 by shreedeep rayamajhiShreedeep Rayamajhi
 
Final survey on disinformation and its practice during covid 19 in developing...
Final survey on disinformation and its practice during covid 19 in developing...Final survey on disinformation and its practice during covid 19 in developing...
Final survey on disinformation and its practice during covid 19 in developing...Shreedeep Rayamajhi
 
Privacy and Security on Social Media
Privacy and Security on Social MediaPrivacy and Security on Social Media
Privacy and Security on Social MediaYogeshIJTSRD
 
LifeLock Javelin Presentation
LifeLock Javelin PresentationLifeLock Javelin Presentation
LifeLock Javelin PresentationLifeLockBusinessSolutions
 
The future of technology
The future of technologyThe future of technology
The future of technologyPew Research Center's Internet & American Life Project
 
I4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
I4ADA 2019 - presentation Catherine Garcia-van HoogstratenI4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
I4ADA 2019 - presentation Catherine Garcia-van HoogstratenPaul van Heel
 
Opportunities and Challenges in Crisis Informatics
Opportunities and Challenges in Crisis InformaticsOpportunities and Challenges in Crisis Informatics
Opportunities and Challenges in Crisis InformaticsLea Shanley
 
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKS
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKSSECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKS
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKSZac Darcy
 
Privacy and Social Networks
Privacy and Social NetworksPrivacy and Social Networks
Privacy and Social Networksblogzilla
 
OSA - Internet Security in India
OSA - Internet Security in IndiaOSA - Internet Security in India
OSA - Internet Security in IndiaDinesh O Bareja
 
Fall2015SecurityShow
Fall2015SecurityShowFall2015SecurityShow
Fall2015SecurityShowAdam Heller
 
eMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, Feds
eMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, FedseMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, Feds
eMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, FedseMarketer
 
Impact of trust, security and privacy concerns in social networking: An explo...
Impact of trust, security and privacy concerns in social networking: An explo...Impact of trust, security and privacy concerns in social networking: An explo...
Impact of trust, security and privacy concerns in social networking: An explo...Anil Dhami
 
Cyber Surveillance - Honors English 1 Presentation
Cyber Surveillance - Honors English 1 PresentationCyber Surveillance - Honors English 1 Presentation
Cyber Surveillance - Honors English 1 Presentationaxnv
 
Trusting the internet
Trusting the internetTrusting the internet
Trusting the internetAireen Sinong
 
Digital Fault-Lines
Digital Fault-LinesDigital Fault-Lines
Digital Fault-LinesCyril Foday-Kailie
 
Thesis proposal v3
Thesis proposal v3Thesis proposal v3
Thesis proposal v3lroddesign
 
Raytheon Millennial Cybersecurity Survey
Raytheon Millennial Cybersecurity SurveyRaytheon Millennial Cybersecurity Survey
Raytheon Millennial Cybersecurity Survey- Mark - Fullbright
 
A week is a long time in computer ethics
A week is a long time in computer ethicsA week is a long time in computer ethics
A week is a long time in computer ethicsUltraUploader
 
I4ADA 2019 - Accountability, Social Media & Journalism
I4ADA 2019 - Accountability, Social Media & JournalismI4ADA 2019 - Accountability, Social Media & Journalism
I4ADA 2019 - Accountability, Social Media & JournalismPaul van Heel
 
Order 32740459
Order 32740459Order 32740459
Order 32740459gracyatpassessays
 
Presentation slides
Presentation slidesPresentation slides
Presentation slidesandrewdyoung
 
Cyber intelligence sharing and protection act research
Cyber intelligence sharing and protection act researchCyber intelligence sharing and protection act research
Cyber intelligence sharing and protection act researchLaVerne Kemp
 
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...Cori Faklaris
 
Behaviour Change and Cyber-Security
Behaviour Change and Cyber-SecurityBehaviour Change and Cyber-Security
Behaviour Change and Cyber-Securityjoinson
 

Contenu connexe

Tendances

I4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
I4ADA 2019 - presentation Catherine Garcia-van HoogstratenI4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
I4ADA 2019 - presentation Catherine Garcia-van HoogstratenPaul van Heel
 
Opportunities and Challenges in Crisis Informatics
Opportunities and Challenges in Crisis InformaticsOpportunities and Challenges in Crisis Informatics
Opportunities and Challenges in Crisis InformaticsLea Shanley
 
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKS
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKSSECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKS
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKSZac Darcy
 
Privacy and Social Networks
Privacy and Social NetworksPrivacy and Social Networks
Privacy and Social Networksblogzilla
 
OSA - Internet Security in India
OSA - Internet Security in IndiaOSA - Internet Security in India
OSA - Internet Security in IndiaDinesh O Bareja
 
Fall2015SecurityShow
Fall2015SecurityShowFall2015SecurityShow
Fall2015SecurityShowAdam Heller
 
eMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, Feds
eMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, FedseMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, Feds
eMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, FedseMarketer
 
Impact of trust, security and privacy concerns in social networking: An explo...
Impact of trust, security and privacy concerns in social networking: An explo...Impact of trust, security and privacy concerns in social networking: An explo...
Impact of trust, security and privacy concerns in social networking: An explo...Anil Dhami
 
Cyber Surveillance - Honors English 1 Presentation
Cyber Surveillance - Honors English 1 PresentationCyber Surveillance - Honors English 1 Presentation
Cyber Surveillance - Honors English 1 Presentationaxnv
 
Trusting the internet
Trusting the internetTrusting the internet
Trusting the internetAireen Sinong
 
Thesis proposal v3
Thesis proposal v3Thesis proposal v3
Thesis proposal v3lroddesign
 
Raytheon Millennial Cybersecurity Survey
Raytheon Millennial Cybersecurity SurveyRaytheon Millennial Cybersecurity Survey
Raytheon Millennial Cybersecurity Survey- Mark - Fullbright
 
A week is a long time in computer ethics
A week is a long time in computer ethicsA week is a long time in computer ethics
A week is a long time in computer ethicsUltraUploader
 
I4ADA 2019 - Accountability, Social Media & Journalism
I4ADA 2019 - Accountability, Social Media & JournalismI4ADA 2019 - Accountability, Social Media & Journalism
I4ADA 2019 - Accountability, Social Media & JournalismPaul van Heel
 
Presentation slides
Presentation slidesPresentation slides
Presentation slidesandrewdyoung
 
Cyber intelligence sharing and protection act research
Cyber intelligence sharing and protection act researchCyber intelligence sharing and protection act research
Cyber intelligence sharing and protection act researchLaVerne Kemp
 

Tendances (20)

LifeLock Javelin Presentation
LifeLock Javelin PresentationLifeLock Javelin Presentation
LifeLock Javelin Presentation
 
The future of technology
The future of technologyThe future of technology
The future of technology
 
I4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
I4ADA 2019 - presentation Catherine Garcia-van HoogstratenI4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
I4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
 
Opportunities and Challenges in Crisis Informatics
Opportunities and Challenges in Crisis InformaticsOpportunities and Challenges in Crisis Informatics
Opportunities and Challenges in Crisis Informatics
 
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKS
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKSSECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKS
SECUREWALL-A FRAMEWORK FOR FINEGRAINED PRIVACY CONTROL IN ONLINE SOCIAL NETWORKS
 
Privacy and Social Networks
Privacy and Social NetworksPrivacy and Social Networks
Privacy and Social Networks
 
OSA - Internet Security in India
OSA - Internet Security in IndiaOSA - Internet Security in India
OSA - Internet Security in India
 
Fall2015SecurityShow
Fall2015SecurityShowFall2015SecurityShow
Fall2015SecurityShow
 
eMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, Feds
eMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, FedseMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, Feds
eMarketer Webinar: Perspectives on Digital Privacy—Marketers, Consumers, Feds
 
Impact of trust, security and privacy concerns in social networking: An explo...
Impact of trust, security and privacy concerns in social networking: An explo...Impact of trust, security and privacy concerns in social networking: An explo...
Impact of trust, security and privacy concerns in social networking: An explo...
 
Cyber Surveillance - Honors English 1 Presentation
Cyber Surveillance - Honors English 1 PresentationCyber Surveillance - Honors English 1 Presentation
Cyber Surveillance - Honors English 1 Presentation
 
Trusting the internet
Trusting the internetTrusting the internet
Trusting the internet
 
Digital Fault-Lines
Digital Fault-LinesDigital Fault-Lines
Digital Fault-Lines
 
Thesis proposal v3
Thesis proposal v3Thesis proposal v3
Thesis proposal v3
 
Raytheon Millennial Cybersecurity Survey
Raytheon Millennial Cybersecurity SurveyRaytheon Millennial Cybersecurity Survey
Raytheon Millennial Cybersecurity Survey
 
A week is a long time in computer ethics
A week is a long time in computer ethicsA week is a long time in computer ethics
A week is a long time in computer ethics
 
I4ADA 2019 - Accountability, Social Media & Journalism
I4ADA 2019 - Accountability, Social Media & JournalismI4ADA 2019 - Accountability, Social Media & Journalism
I4ADA 2019 - Accountability, Social Media & Journalism
 
Order 32740459
Order 32740459Order 32740459
Order 32740459
 
Presentation slides
Presentation slidesPresentation slides
Presentation slides
 
Cyber intelligence sharing and protection act research
Cyber intelligence sharing and protection act researchCyber intelligence sharing and protection act research
Cyber intelligence sharing and protection act research
 

Similaire à Components of a Model of Cybersecurity Behavior Adoption

How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...Cori Faklaris
 
Behaviour Change and Cyber-Security
Behaviour Change and Cyber-SecurityBehaviour Change and Cyber-Security
Behaviour Change and Cyber-Securityjoinson
 
Blurring the Boundaries? Ethical challenges in using social media for social...
Blurring the Boundaries? Ethical challenges in using social media for social...Blurring the Boundaries? Ethical challenges in using social media for social...
Blurring the Boundaries? Ethical challenges in using social media for social...Kandy Woodfield
 
EDR 8204 Week 3 Assignment: Analyze Action Research
EDR 8204 Week 3 Assignment: Analyze Action ResearchEDR 8204 Week 3 Assignment: Analyze Action Research
EDR 8204 Week 3 Assignment: Analyze Action Researcheckchela
 
Integration of Bayesian Theory and Association Rule Mining in Predicting User...
Integration of Bayesian Theory and Association Rule Mining in Predicting User...Integration of Bayesian Theory and Association Rule Mining in Predicting User...
Integration of Bayesian Theory and Association Rule Mining in Predicting User...Editor IJCATR
 
Integration of Bayesian Theory and Association Rule Mining in Predicting User...
Integration of Bayesian Theory and Association Rule Mining in Predicting User...Integration of Bayesian Theory and Association Rule Mining in Predicting User...
Integration of Bayesian Theory and Association Rule Mining in Predicting User...Editor IJCATR
 
Appling tracking game system to measure user behavior toward cybersecurity p...
Appling tracking game system to measure user behavior toward cybersecurity p...Appling tracking game system to measure user behavior toward cybersecurity p...
Appling tracking game system to measure user behavior toward cybersecurity p...IJECEIAES
 
google-experts-VS-regular-users
google-experts-VS-regular-usersgoogle-experts-VS-regular-users
google-experts-VS-regular-usersThomas Hughes
 
CHI abstract camera ready
CHI abstract camera readyCHI abstract camera ready
CHI abstract camera readyMark Sinclair
 
Designing for Usable Security and Privacy
Designing for Usable Security and PrivacyDesigning for Usable Security and Privacy
Designing for Usable Security and PrivacyCori Faklaris
 
Designing Schneier’s Five Step Risk Analysis Process into an Online Role Play...
Designing Schneier’s Five Step Risk Analysis Process into an Online Role Play...Designing Schneier’s Five Step Risk Analysis Process into an Online Role Play...
Designing Schneier’s Five Step Risk Analysis Process into an Online Role Play...Nicola Marae Allain, PhD
 
Recapitulating the development initiatives of a robust information security s...
Recapitulating the development initiatives of a robust information security s...Recapitulating the development initiatives of a robust information security s...
Recapitulating the development initiatives of a robust information security s...IOSR Journals
 
Digital citizenship @ your school
Digital citizenship @ your schoolDigital citizenship @ your school
Digital citizenship @ your schoolJune Wall
 
144 presentation iee_tel2021
144 presentation iee_tel2021144 presentation iee_tel2021
144 presentation iee_tel2021Malinka Ivanova
 
Student privacy self-management: Implications for learning analytics
Student privacy self-management: Implications for learning analyticsStudent privacy self-management: Implications for learning analytics
Student privacy self-management: Implications for learning analyticsUniversity of South Africa (Unisa)
 
Getting Successful Universal Ehr Is Not Just Technology...
Getting Successful Universal Ehr Is Not Just Technology...Getting Successful Universal Ehr Is Not Just Technology...
Getting Successful Universal Ehr Is Not Just Technology...Jessica Tanner
 
A Case for Expectation Informed Design - Full
A Case for Expectation Informed Design - FullA Case for Expectation Informed Design - Full
A Case for Expectation Informed Design - Fullgloriakt
 
B9_21_子供のプライバシー対策に必要なもの Speakers' slide deck for Privacy By Design Conference...
B9_21_子供のプライバシー対策に必要なもの Speakers' slide deck for Privacy By Design Conference...B9_21_子供のプライバシー対策に必要なもの Speakers' slide deck for Privacy By Design Conference...
B9_21_子供のプライバシー対策に必要なもの Speakers' slide deck for Privacy By Design Conference...Keiko Tanaka
 
NIST Privacy Engineering Working Group -- Risk Models
NIST Privacy Engineering Working Group -- Risk Models NIST Privacy Engineering Working Group -- Risk Models
NIST Privacy Engineering Working Group -- Risk ModelsDavid Sweigert
 

Similaire à Components of a Model of Cybersecurity Behavior Adoption (20)

How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
 
Behaviour Change and Cyber-Security
Behaviour Change and Cyber-SecurityBehaviour Change and Cyber-Security
Behaviour Change and Cyber-Security
 
Blurring the Boundaries? Ethical challenges in using social media for social...
Blurring the Boundaries? Ethical challenges in using social media for social...Blurring the Boundaries? Ethical challenges in using social media for social...
Blurring the Boundaries? Ethical challenges in using social media for social...
 
EDR 8204 Week 3 Assignment: Analyze Action Research
EDR 8204 Week 3 Assignment: Analyze Action ResearchEDR 8204 Week 3 Assignment: Analyze Action Research
EDR 8204 Week 3 Assignment: Analyze Action Research
 
Integration of Bayesian Theory and Association Rule Mining in Predicting User...
Integration of Bayesian Theory and Association Rule Mining in Predicting User...Integration of Bayesian Theory and Association Rule Mining in Predicting User...
Integration of Bayesian Theory and Association Rule Mining in Predicting User...
 
Integration of Bayesian Theory and Association Rule Mining in Predicting User...
Integration of Bayesian Theory and Association Rule Mining in Predicting User...Integration of Bayesian Theory and Association Rule Mining in Predicting User...
Integration of Bayesian Theory and Association Rule Mining in Predicting User...
 
Appling tracking game system to measure user behavior toward cybersecurity p...
Appling tracking game system to measure user behavior toward cybersecurity p...Appling tracking game system to measure user behavior toward cybersecurity p...
Appling tracking game system to measure user behavior toward cybersecurity p...
 
google-experts-VS-regular-users
google-experts-VS-regular-usersgoogle-experts-VS-regular-users
google-experts-VS-regular-users
 
CHI abstract camera ready
CHI abstract camera readyCHI abstract camera ready
CHI abstract camera ready
 
Designing for Usable Security and Privacy
Designing for Usable Security and PrivacyDesigning for Usable Security and Privacy
Designing for Usable Security and Privacy
 
Designing Schneier’s Five Step Risk Analysis Process into an Online Role Play...
Designing Schneier’s Five Step Risk Analysis Process into an Online Role Play...Designing Schneier’s Five Step Risk Analysis Process into an Online Role Play...
Designing Schneier’s Five Step Risk Analysis Process into an Online Role Play...
 
Recapitulating the development initiatives of a robust information security s...
Recapitulating the development initiatives of a robust information security s...Recapitulating the development initiatives of a robust information security s...
Recapitulating the development initiatives of a robust information security s...
 
Digital citizenship @ your school
Digital citizenship @ your schoolDigital citizenship @ your school
Digital citizenship @ your school
 
144 presentation iee_tel2021
144 presentation iee_tel2021144 presentation iee_tel2021
144 presentation iee_tel2021
 
Student privacy self-management: Implications for learning analytics
Student privacy self-management: Implications for learning analyticsStudent privacy self-management: Implications for learning analytics
Student privacy self-management: Implications for learning analytics
 
Getting Successful Universal Ehr Is Not Just Technology...
Getting Successful Universal Ehr Is Not Just Technology...Getting Successful Universal Ehr Is Not Just Technology...
Getting Successful Universal Ehr Is Not Just Technology...
 
Accessible Privacy and Security
Accessible Privacy and SecurityAccessible Privacy and Security
Accessible Privacy and Security
 
A Case for Expectation Informed Design - Full
A Case for Expectation Informed Design - FullA Case for Expectation Informed Design - Full
A Case for Expectation Informed Design - Full
 
B9_21_子供のプライバシー対策に必要なもの Speakers' slide deck for Privacy By Design Conference...
B9_21_子供のプライバシー対策に必要なもの Speakers' slide deck for Privacy By Design Conference...B9_21_子供のプライバシー対策に必要なもの Speakers' slide deck for Privacy By Design Conference...
B9_21_子供のプライバシー対策に必要なもの Speakers' slide deck for Privacy By Design Conference...
 
NIST Privacy Engineering Working Group -- Risk Models
NIST Privacy Engineering Working Group -- Risk Models NIST Privacy Engineering Working Group -- Risk Models
NIST Privacy Engineering Working Group -- Risk Models
 

Plus de Cori Faklaris

Human Factors at the Grid Edge
Human Factors at the Grid EdgeHuman Factors at the Grid Edge
Human Factors at the Grid EdgeCori Faklaris
 
An Introduction to Generative AI
An Introduction to Generative AIAn Introduction to Generative AI
An Introduction to Generative AICori Faklaris
 
A Self-Report Measure of End-User Security Attitudes (SA-6)
A Self-Report Measure of End-User Security Attitudes (SA-6)A Self-Report Measure of End-User Security Attitudes (SA-6)
A Self-Report Measure of End-User Security Attitudes (SA-6)Cori Faklaris
 
Reframing Usable Privacy + Security to Design for 'Cyber Health'
Reframing Usable Privacy + Security to Design for 'Cyber Health'Reframing Usable Privacy + Security to Design for 'Cyber Health'
Reframing Usable Privacy + Security to Design for 'Cyber Health'Cori Faklaris
 
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...Cori Faklaris
 
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...Cori Faklaris
 
Reframing Organizational Cybersecurity to Design for “Cyber Health”
Reframing Organizational Cybersecurity to Design for “Cyber Health”Reframing Organizational Cybersecurity to Design for “Cyber Health”
Reframing Organizational Cybersecurity to Design for “Cyber Health”Cori Faklaris
 
Social Media Best Practices - CMU Fall 2017
Social Media Best Practices - CMU Fall 2017Social Media Best Practices - CMU Fall 2017
Social Media Best Practices - CMU Fall 2017Cori Faklaris
 
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...Cori Faklaris
 
"Visualizing Email Content": Article discussion slides
"Visualizing Email Content": Article discussion slides"Visualizing Email Content": Article discussion slides
"Visualizing Email Content": Article discussion slidesCori Faklaris
 
Together: An app to foster community for young urbanites
Together: An app to foster community for young urbanitesTogether: An app to foster community for young urbanites
Together: An app to foster community for young urbanitesCori Faklaris
 
The State of E-Discovery as Social Media Goes Mobile
The State of E-Discovery as Social Media Goes Mobile The State of E-Discovery as Social Media Goes Mobile
The State of E-Discovery as Social Media Goes Mobile Cori Faklaris
 
5 ideas for paying for college as an adult returning student
5 ideas for paying for college as an adult returning student5 ideas for paying for college as an adult returning student
5 ideas for paying for college as an adult returning studentCori Faklaris
 
Social media boot camp: "HeyCori"'s tips for successful engagement online
Social media boot camp: "HeyCori"'s tips for successful engagement onlineSocial media boot camp: "HeyCori"'s tips for successful engagement online
Social media boot camp: "HeyCori"'s tips for successful engagement onlineCori Faklaris
 

Plus de Cori Faklaris (14)

Human Factors at the Grid Edge
Human Factors at the Grid EdgeHuman Factors at the Grid Edge
Human Factors at the Grid Edge
 
An Introduction to Generative AI
An Introduction to Generative AIAn Introduction to Generative AI
An Introduction to Generative AI
 
A Self-Report Measure of End-User Security Attitudes (SA-6)
A Self-Report Measure of End-User Security Attitudes (SA-6)A Self-Report Measure of End-User Security Attitudes (SA-6)
A Self-Report Measure of End-User Security Attitudes (SA-6)
 
Reframing Usable Privacy + Security to Design for 'Cyber Health'
Reframing Usable Privacy + Security to Design for 'Cyber Health'Reframing Usable Privacy + Security to Design for 'Cyber Health'
Reframing Usable Privacy + Security to Design for 'Cyber Health'
 
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...
 
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
 
Reframing Organizational Cybersecurity to Design for “Cyber Health”
Reframing Organizational Cybersecurity to Design for “Cyber Health”Reframing Organizational Cybersecurity to Design for “Cyber Health”
Reframing Organizational Cybersecurity to Design for “Cyber Health”
 
Social Media Best Practices - CMU Fall 2017
Social Media Best Practices - CMU Fall 2017Social Media Best Practices - CMU Fall 2017
Social Media Best Practices - CMU Fall 2017
 
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
 
"Visualizing Email Content": Article discussion slides
"Visualizing Email Content": Article discussion slides"Visualizing Email Content": Article discussion slides
"Visualizing Email Content": Article discussion slides
 
Together: An app to foster community for young urbanites
Together: An app to foster community for young urbanitesTogether: An app to foster community for young urbanites
Together: An app to foster community for young urbanites
 
The State of E-Discovery as Social Media Goes Mobile
The State of E-Discovery as Social Media Goes Mobile The State of E-Discovery as Social Media Goes Mobile
The State of E-Discovery as Social Media Goes Mobile
 
5 ideas for paying for college as an adult returning student
5 ideas for paying for college as an adult returning student5 ideas for paying for college as an adult returning student
5 ideas for paying for college as an adult returning student
 
Social media boot camp: "HeyCori"'s tips for successful engagement online
Social media boot camp: "HeyCori"'s tips for successful engagement onlineSocial media boot camp: "HeyCori"'s tips for successful engagement online
Social media boot camp: "HeyCori"'s tips for successful engagement online
 

Dernier

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 

Dernier (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 

Components of a Model of Cybersecurity Behavior Adoption

  • 1. Components of a Model of Cybersecurity Behavior Adoption Cori Faklaris, Carnegie Mellon University Workshop on Security Information Workers Symposium on Usable Privacy and Security Aug. 8, 2021 August 2021
  • 2. Agenda ▪ Introduction ▪ Existing models and their relevant components ▪ Overview of my thesis research to start defining the learning/adoption trajectories for end-user cybersecurity behavior ▪ Implications Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 2
  • 3. About Cori (@heycori) ▪ 5th year PhD candidate and researcher at the Human-Computer Interaction Institute, School of Computer Science, Carnegie Mellon University. ▪ Knight Fellow of the Center for Informed Democracy and Social Cybersecurity (IDeaS); CMU Presidential Fellow of the CyLab Security & Privacy Institute. ▪ Co-principal investigator on the NSF Social Cybersecurity project at the HCII (https://socialcybersecurity.org/ ). ▪ Past career in journalism, IT and social media (https://corifaklaris.com). ▪ Published at the USENIX Symposium on Usable Privacy and Security (SOUPS) and in Proceedings of the ACM: Human-Computer Interaction (CSCW), other venues. 3
  • 4. Problem: Cyberdefense (Non-) Adoption ▪ Computing systems are increasingly central to society. ▪ But, many people do not understand enough about how they work - or what cyber-threats to guard against. ▪ Meanwhile, global costs of cybercrime jumped >50% in 2019-20, to over $1T. Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 4 Ruogu Kang, Laura Dabbish, Nathaniel Fruchter, and Sara Kiesler. 2015. “My Data Just Goes Everywhere:” User Mental Models of the Internet and Implications for Privacy and Security. In Symposium on Usable Privacy and Security (SOUPS), USENIX Association Berkeley, CA, 39–52. Retrieved from https://www.usenix.org/conference/soups2015/proceedings/presentation/kang Zhanna Malekos Smith, Eugenia Lostri, and James A Lewis. 2020. The Hidden Costs of Cybercrime. McAfee.
  • 5. Problem: Cyberdefense (Non-) Adoption ▪ Enterprise security training can cost around $300,000 + 100s of staff hours. ▪ Difficult to persuade users to accept and adopt security measures when they or their peers do not view these measures positively. Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 5 Tara Seals. 2017. Cost of User Security Training Tops $290K Per Year. Infosecurity Magazine. Retrieved January 20, 2021 from https://www.infosecurity-magazine.com:443/news/cost-of-user-security-training/ Cori Faklaris, Laura Dabbish, and Jason I Hong. 2019. A Self-Report Measure of End-User Security Attitudes (SA-6). In Proceedings of the Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019), USENIX Association Berkeley, CA, Santa Clara, CA, 18. Retrieved from https://www.usenix.org/system/files/soups2019-faklaris.pdf Sauvik Das, Adam D.I. Kramer, Laura A. Dabbish, and Jason I. Hong. 2015. The Role of Social Influence in Security Feature Adoption. In Proceedings of the 18th ACM Conference on Computer Supported Cooperative Work & Social Computing (CSCW ’15), ACM, New York, NY, USA, 1416–1426. DOI:https://doi.org/10.1145/2675133.2675225
  • 6. To reduce costs and improve awareness + adoption, we should apply insights from: ▪ social psychology, ▪ marketing, and ▪ public health. 6 Key Insight for Cyberdefense
  • 7. An empirical understanding of the cyberdefense adoption process will help us to specify the mental states and social influences acting at each step, leading to better targeting and timing of security interventions. 7 My Thesis
  • 8. 8 Cori Faklaris. 2021. Components of a Model of Cybersecurity Behavior Adoption. In Workshop on Security Information Workers. Retrieved from https://corifaklaris.com/files/Faklaris_WS IW2021_stagemodels.pdf ● Many models of behavior adoption focus on concepts of expectancy (how likely it is thought that a desired, instrumental outcome will occur) and value (how much the outcome has importance or utility). ● They do not account for time or how thinking evolves. Search string in Google Scholar using an "incognito" browser window in July 2021 Results fogg behavior model and cybersecurity 395 decisional balance theory and cybersecurity 1210 prospect theory and cybersecurity 13700 health belief model and cybersecurity 19500 theory of reasoned action and cybersecurity 18900 theory of planned behavior and cybersecurity 25000 protection motivation theory and cybersecurity 27800 technology acceptance model and cybersecurity 31300 Focus: Understand Process of Cyberdefense (Non-) Adoption Theoretical Modeling Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 8
  • 9. Theory of Planned Behavior (TPB) 9
  • 12. 12 Cori Faklaris. 2021. Components of a Model of Cybersecurity Behavior Adoption. In Workshop on Security Information Workers. Retrieved from https://corifaklaris.com/files/Faklaris_WS IW2021_stagemodels.pdf ● Stage models of behavior change account for the progress of time, breaking the continuum into chunks. ● The Transtheoretical Model sees change as a cyclical process, in which the associated processes of change help move people from one stage to the next. ● The Precaution Adoption Process Model break down “inaction” into unawareness, unengaged, undecided, and decided not to act; “action’ stages are like TTM. ● The Diffusion of Innovations process model accounts for more “action” stage changes such as confirmation, later adoption, and discontinuance of adoption. Search string in Google Scholar using an "incognito" browser window in July 2021 Results transtheoretical model and cybersecurity 112 precaution adoption process model and cybersecurity 9610 diffusion of innovations and cybersecurity 17300 Focus: Understand Process of Cyberdefense (Non-) Adoption Theoretical Modeling
  • 14. Diffusion of Innovations (DoI) Process Model 14
  • 15. RQ: What stages do people go through in adoption (or non-adoption) of cybersecurity behaviors? 15
  • 16. Phase 3 Method: Exploratory Sequential Mixed-Methods 16 John W. Creswell and J. David Creswell. 2017. Research Design: Qualitative, Quantitative, and Mixed Methods Approaches. SAGE Publications. Retrieved from https://play.google.com/store/books/details?id=KGNADwAAQBAJ Surveys Interviews Analysis Survey Design Analysis Triangulation and Integration Phase 1 - Qualitative Phase 2 - Quantitative
  • 17. Mandatory adoption Cybersecurity has two different learning/ adoption trajectories Voluntary adoption 17 Learning Persuasion Adoption Learning Threat Authorities Adoption Threat Peers/Media Persuasion Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 17
  • 18. Implications: Specify how the stages might vary for different security measures For tool-based practices such as password managers, 2FA authentication: How many are aware of, motivated, and/or able to use each of the tools? How much do social influences and voluntariness weigh in the decision to adopt? Why do people stop using the tools, once adopted? For knowledge-based practices such as timely updates, alertness to “fake news”: How many people are aware of which practices have merit, and when? Which cognitions or contexts cue them to act out practices? Whiat defeats their intention to act out practices? 18 Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 18
  • 19. Outcome: Stage Model of Cybersecurity Behavior Adoption ▪ Moves the field of usable security away from “one size fits all” strategies ▪ Use to create a classification algorithm to direct resources, “interventions” (such as security tips or interface nudges) to those most likely to benefit. ▪ Boost effectiveness of cybersecurity risk assessments in resource-tight orgs ▪ Help adoption researchers to sharpen strategies, build business value Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 19
  • 20. Future work Collect experimental evidence for targeting security interventions by stage and by tool: ▪ Password managers ▪ Software updates Examine how this and/or other stage models, such as Diffusion of Innovations, can be adapted for enterprise teams Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 20
  • 21. Mandatory adoption What are your questions / feedback on these ideas? Voluntary adoption 21 Learning Persuasion Adoption Learning Threat Authorities Adoption Threat Peers/Media Persuasion Cori Faklaris • Carnegie Mellon University • corifaklaris.com • @heycori • 21