Despite frequent reports of losses due to computer security breaches, many individuals still do not follow basic safety precautions. Understanding the mental processes that motivate users to follow safe practices is key to strengthening this weak link in the security chain. Using protection motivation theory (PMT), a model within the class of social cognitive theories (SCT), we develop and assess the value of interventions strategies to enhance safe online behaviors. Furthermore, we integrate the concept of personal responsibility within the PMT approach to better understand what motivates safe, online behaviors. The online safety interventions were tested using a 2 (intervention strategy: manipulated) × 2 (personal responsibility: manipulated) × 2 (knowledge: measured and blocked), between subjects with random assignment to experimental conditions and online safety behavior intentions as the targeted outcome. Based on SCT principles of behavior change, two intervention strategies were developed, one that semantically explained behaviors, and one that offered the user an enactive mastery exercise. The sample was cross-sectional and representative of Internet users. Results showed a significant three-way interaction effect among personal responsibility, the intervention strategy and prior knowledge. Enhancing a user’s sense of personal responsibility appears to be a necessary precursor to effective online safety interventions, but not necessarily sufficient; the intervention strategy should match the knowledge level of the user to enhance online safety behaviors.
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...