Risk as affect: The affect heuristic in cybersecurity

Schaik, Paul van; Renaud, Karen; Wilson, Christopher J.; Jansen, Jurjen; Onibokun, Joseph

doi:10.1016/j.cose.2019.101651

Cited by 24 publications

(19 citation statements)

References 76 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A small and recent body of literature (for example: Lawson et al, 2016; Stacey et al, 2021; van Schaik et al, 2020) has begun to focus on the impact of emotion on cyber‐security. There has recently been a call for better research tools that are able to disentangle the relationship between emotion and cyber‐security (Renaud et al, 2021).…”

Section: Discussionmentioning

confidence: 99%

How do Older Adults feel about engaging with Cyber‐Security?

Morrison

Coventry

Briggs

2021

Human Behav and Emerg Tech

View full text Add to dashboard Cite

Older adults are increasingly a target for cyber‐attacks; however, very little research has investigated how they feel about engaging in protective cyber‐security behaviors. We developed and applied a novel card‐sorting task to elicit how older adults feel about protective cyber‐security behaviors and to identify the factors that impact their confidence in executing these behaviors. Nineteen task‐assisted interviews were conducted with UK older adults. A thematic analysis revealed that older adults see protective online behaviors as important, but their reasons for disengagement fell into three categories: I do not want to (essentially, because the costs outweigh the benefits), I do not need to (e.g. because it is not my responsibility), and I am unable to (which includes heightened anxiety about doing something wrong). Underlying confidence around engagement with protective behaviors was a function of three factors: personal competence (related to good computer self‐efficacy and relevant past experience), support (having a good network for information and advice), and demand (the effort of keeping up to date with the latest advice). Ultimately, we found that older adults are keen to protect themselves but are lacking appropriate support and we discuss implications for developers, researchers, and policy makers. This paper explores older adults' perceptions of common cyber‐security behaviors. We introduce an effective card sorting methodology for security elicitation in older adults. We apply this to identify reasons as to why older adults may not engage in security behaviors as well as identifying a number of reasons why older adults actively avoid engaging in security behaviors.

show abstract

Section: Discussionmentioning

confidence: 99%

How do Older Adults feel about engaging with Cyber‐Security?

Morrison

Coventry

Briggs

2021

Human Behav and Emerg Tech

View full text Add to dashboard Cite

show abstract

“…Additionally, since the pandemic is quite dangerous, the individual's perception of the level of danger of the pandemic also influences their judgment and processing of information [44]. From another point of view, individuals who perceive a high risk will develop a certain level of anxiety and fear [49]. As suggested by the affect heuristic theory, decision makers' emotions affect their ability to process risk information, prompting the prospective entrepreneurs to make irrational information evaluations and thus influencing their decisions.…”

Section: Perceived Risk Moderates the Relationship Between Ei And Eamentioning

confidence: 99%

College Students’ Entrepreneurial Intention and Alertness in the Context of the COVID-19 Pandemic

Zhang

Zhou

et al. 2022

Sustainability

View full text Add to dashboard Cite

This research aims to explore how the COVID-19 pandemic has affected college students’ entrepreneurial intention (EI), as well as whether the well-studied link between entrepreneurial alertness (EA) and EI is involved. Data were collected from 612 respondents, and using the stepwise regression method we examined the moderating role of college students’ perceived risk of COVID-19 on the connection between EA and EI. The results show that students’ perceived risk of COVID-19 reduces their EI. Furthermore, the perceived risk of COVID-19 attenuates the relationship between EA and EI. Specifically, those who perceived a greater risk tended to show lower EI. This article contributes to a better understanding of how the relationship between EA and EI has changed during the pandemic.

show abstract

“…As Acquisti [22] pointed out, normative models do not properly explain privacy decisions, and "it is unrealistic to expect individual rationality in this context," as users mostly "resort to simple heuristics." However, there has been little investigation into the nature and specific role of heuristics in information security [16][17][18][19]. Over the years, several studies sporadically delve into the role of bounded rationality and heuristics.…”

Section: Literature Reviewmentioning

confidence: 99%

“…Despite advances in various other fields [6,[11][12][13][14], fewer number of studies have investigated the role of heuristics in information security literature [15][16][17][18][19]. Many prior heuristics-related studies include research commentary, review, and call for research studies, which have suggested that heuristics may influence security decision making but have not empirically investigated their role [15,20].…”

Section: Introductionmentioning

confidence: 99%

The Role of Heuristics in Information Security Decision Making

Bahreini¹,

Cenfetelli²,

Cavusoglu³

2022

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

Inadvertent human errors (e.g., clicking on phishing emails or falling for a spoofed website) have been the primary cause of security breaches in recent years. To understand the root cause of these errors and examine practical solutions for users to overcome them, we applied the theory of bounded rationality and explored the role of heuristics (i.e., short mental processes) in security decision making. Interviews with 27 participants revealed that users rely on various heuristics to simplify their decision making in the information security context. Specifically, users rely on experts' comments (i.e., expertise heuristic), information at hand, such as recent events (i.e., availability heuristic), and security-representative visual cues (i.e., representativeness heuristic). Findings also showed the use of other heuristics, including affect, brand, and anchoring, to a lesser degree. The results have practical and theoretical significance. In particular, they extend the literature by integrating bounded rationality concepts and elaborating "how" users simplify their security decision making by relying on cognitive heuristics.

show abstract

Risk as affect: The affect heuristic in cybersecurity

Cited by 24 publications

References 76 publications

How do Older Adults feel about engaging with Cyber‐Security?

How do Older Adults feel about engaging with Cyber‐Security?

College Students’ Entrepreneurial Intention and Alertness in the Context of the COVID-19 Pandemic

The Role of Heuristics in Information Security Decision Making

Contact Info

Product

Resources

About