It has been widely recognised in the psychology of cyber security literature that ordinary users rather than technology systems are the weakest link in cyber security. The present study focused on assessing the cyber security judgment of 462 college students as a specific group of ordinary users in order to further identify specific weakest links of the weakest link. It was found that (1) the average percentage correct for cybersecurity judgement among the 462 students was 65%, (2) 104 (23%) students showed the lowest correct judgements (below 50%), (3) two of 16 cyber security items received the lowest correct judgement (below 50%), and (4) students’ correct rational judgment (64%) was not significantly higher than their correct intuitive judgement (66%).
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...