The Internet of Things (IoT) is considered the next technological revolution. IoT devices include once everyday
objects that are now internet connected, such as smart locks and smart fridges, but also new types of devices to
include home assistants. However, while this increased interconnectivity brings considerable benefts, it can and does
increase people’s exposure to crime risk. This is particularly the case as most devices are developed without security
in mind. One reason for this is that there is little incentive for manufacturers to make devices secure by design, and
the costs of so doing do not encourage it. The principle aim of the current paper was to estimate the extent to which
consumers are willing to pay for improved security in internet connected products. The second aim was to examine
whether this is conditioned by their exposure to security-related information. Using an experimental design, and a
contingent valuation method, we fnd that people are willing to pay for improved security and that for some devices,
this increases if they are exposed to information about security prior to stating their willingness to pay. The implications of our fndings for industry and the secure by design agenda are discussed.
Is cybersecurity research missing a trick? Integrating insights from the psychology of habit into research and practice.
The idea that people should form positive security habits is gaining increasing attention amongst security...