Risk perceptions of cyber-security and precautionary behaviour

Schaik, Paul van; Jeske, Debora; Onibokun, Joseph; Coventry, Lynne; Jansen, Jurjen; Kusev, Petko

doi:10.1016/j.chb.2017.05.038

Cited by 110 publications

(47 citation statements)

References 58 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…First, according to previous work (Adams, 2012), in general when people feel in control they act less cautiously. Our results support this idea (as in the domain of Internet security; Van Schaik et al, 2017), the more a Facebook user felt in control in relation to security-and privacy hazards overall, the less likely they were to have chosen specific safe privacy-and security settings.…”

Section: /50supporting

confidence: 75%

Security and privacy in online social networking: Risk perceptions and precautionary behaviour

Schaik

Jansen

Onibokun³

et al. 2018

Computers in Human Behavior

Self Cite

View full text Add to dashboard Cite

A quantitative behavioural online study examined a set of hazards that correspond with security-and privacy settings of the major global online social network (Facebook). These settings concern access to a user's account and access to the user's shared information (both security) as well as regulation of the user's information-sharing and user's regulation of others' information-sharing in relation to the user (both privacy). We measured 201 non-student UK users' perceptions of risk and other risk dimensions, and precautionary behaviour. First, perceptions of risk and dread were highest and precautionary behaviour was most common for hazards related to users' regulation of information-sharing. Other hazards were perceived as less risky and less precaution was taken against these, even though they can lead to breaches of users' security or privacy. Second, consistent with existing theory, significant predictors of perceived risk were attitude towards sharing information on Facebook, dread, voluntariness, catastrophic potential and Internet experience; and significant predictors of precautionary behaviour were perceived risk, control, voluntariness and Internet experience. Methodological implications emphasise the need for non-aggregated analysis and practical implications emphasise interventions to promote safe online social-network use.

show abstract

Section: /50supporting

confidence: 75%

Security and privacy in online social networking: Risk perceptions and precautionary behaviour

Schaik

Jansen

Onibokun³

et al. 2018

Computers in Human Behavior

Self Cite

View full text Add to dashboard Cite

show abstract

“…In the risk literature and PMT literature, risk perception has often been studied from a cognitive perspective (Loewenstein et al, 2001). Studies consider the impact of threat-related knowledge, voluntariness and control over exposure, newness, catastrophic potential and severity of consequences (van Schaik et al, 2017). Yet cognitive evaluations only partially explain variations in risk perceptions and riskrelated decision-making (Loewenstein et al, 2001).…”

Section: The Affect Heuristic In Cybersecurity Risk Perceptionmentioning

confidence: 99%

Risk as affect: The affect heuristic in cybersecurity

Schaik

Renaud

Wilson

et al. 2020

Computers & Security

Self Cite

View full text Add to dashboard Cite

This is a PDF file of an article that has undergone enhancements after acceptance, such as the addition of a cover page and metadata, and formatting for readability, but it is not yet the definitive version of record. This version will undergo additional copyediting, typesetting and review before it is published in its final form, but we are providing this version to give early visibility of the article. Please note that, during the production process, errors may be discovered which could affect the content, and all legal disclaimers that apply to the journal pertain.

show abstract

“…As such, it is essentially a risk management mechanism. Van Schaik et al [170] identified a number of predictors of precautionary cyber security behaviors. Other researchers have carried out similar studies, also identifying particular predictors [67,79,164,103].…”

Section: Riskmentioning

confidence: 99%

“This is the way ‘I’ create my passwords” ... does the endowment effect deter people from changing the way they create their passwords?

Renaud

Otondo

Warkentin

2019

Computers & Security

View full text Add to dashboard Cite

The endowment effect is the term used to describe a phenomenon that manifests as a reluctance to relinquish owned artifacts, even when a viable or better substitute is offered. It has been confirmed by multiple studies when it comes to ownership of physical artifacts. If computer users also "own", and are attached to, their personal security routines, such feelings could conceivably activate the same endowment effect. This would, in turn, lead to their overestimating the "value" of their existing routines, in terms of the protection they afford, and the risks they mitigate. They might well, as a consequence, not countenance any efforts to persuade them to adopt a more secure routine, because their comparison of pre-existing and proposed new routine is skewed by the activation of the endowment effect. In this paper, we report on an investigation into the possibility that the endowment effect activates when people adopt personal password creation routines. We did indeed find evidence that the endowment effect is likely to be triggered in this context. This constitutes one explanation for the failure of many security awareness drives to improve password strength. We conclude by suggesting directions for future research to confirm our findings, and to investigate the activation of the effect for other security routines.

show abstract

Risk perceptions of cyber-security and precautionary behaviour

Cited by 110 publications

References 58 publications

Security and privacy in online social networking: Risk perceptions and precautionary behaviour

Security and privacy in online social networking: Risk perceptions and precautionary behaviour

Risk as affect: The affect heuristic in cybersecurity

“This is the way ‘I’ create my passwords” ... does the endowment effect deter people from changing the way they create their passwords?

Contact Info

Product

Resources

About