We carried out two behavioural experiments to investigate if and how cybersecurity decision-making responses are influenced by gain-loss framing and the prominence of a primed recall of a previous experience. In the first experiment, we adjusted the frame (gain vs. loss) and the presence or absence of a previous near-miss experience. The findings suggested that having a near-miss experience significantly increased respondents’ selection of safer response options under a gain frame. Additionally, female respondents were more likely to choose a risk-averse (safe) response compared to males. The second experiment framed all outcomes in a loss frame and manipulated recall to include one of three potential prior experiences: false alarm, near-miss, or a hit that led to data loss. The manipulated previous hit experience significantly increased the likelihood of respondents endorsing a safer response relative to the manipulated prior near-miss experience. In contrast, the manipulated prior false-alarm experience significantly decreased respondents’ likelihood of endorsing a safer response relative to the manipulated prior near-miss experience.
Critical success factors for security education, training and awareness (SETA) programme effectiveness: an empirical comparison of practitioner perspectives
Cyber security has never been more important than it is today in an ever more connected and pervasive digital world....