Heuristics and biases in cyber security dilemmas

We carried out two behavioural experiments to investigate if and how cybersecurity decision-making responses are influenced by gain-loss framing and the prominence of a primed recall of a previous experience. In the first experiment, we adjusted the frame (gain vs. loss) and the presence or absence of a previous near-miss experience. The findings suggested that having a near-miss experience significantly increased respondents’ selection of safer response options under a gain frame. Additionally, female respondents were more likely to choose a risk-averse (safe) response compared to males. The second experiment framed all outcomes in a loss frame and manipulated recall to include one of three potential prior experiences: false alarm, near-miss, or a hit that led to data loss. The manipulated previous hit experience significantly increased the likelihood of respondents endorsing a safer response relative to the manipulated prior near-miss experience. In contrast, the manipulated prior false-alarm experience significantly decreased respondents’ likelihood of endorsing a safer response relative to the manipulated prior near-miss experience.