This study aims to understand the IT threat avoidance behaviors of personal computer users. We tested a research model derived from Technology Threat Avoidance Theory (TTAT) using survey data. We find that users’ IT threat avoidance behavior is predicted by avoidance...
Research Library
The world’s first globally accessible archive of research into the human aspect of cyber security and behavioural science as applied to cyber security awareness and online behavioural change.
To see the latest studies from pioneering academics, scroll down.
Understanding and transforming organizational security culture
The paper is based on the findings and conclusions of research, observations and projects carried out in large organizations over the last two decades. It highlights failings and critical success factors in contemporary approaches to transform organizational culture....
Assessing the impact of security culture and the employee-organization relationship on IS security compliance
IS security advocates recommend strategies that shape user behavior as part of an overall information security management program. A major challenge for organizations is encouraging employees to comply with IS security policies. This paper examines the influence of...
Fear appeals and information security behavior: An empircal study
Information technology executives strive to align the actions of end users with the desired security posture of management and of the firm through persuasive communication. In many cases, some element of fear is incorporated within these communications. However,...
Jumping security hurdles
It is widely recognised that success in tackling security issues often depends upon acknowledgement and action by individuals. To quote Amit Yoran, erstwhile director of the National Cyber Security Division within the US Department of Homeland Security: “The human...
Influence of awareness and training on cyber security
This article presents the results of a study to determine the impact of a cyber threat education and awareness intervention on changes in user security behavior. Subjects were randomly assigned to one of two introductory lectures about cyber threats due to poor...
Perception of information security
The objective of this study was to investigate people’s perception of information security and to unveil the factors that influence people’s perception of different threats to information security. In the survey study, 602 respondents were asked to evaluate one of 21...
Does the technology acceptance model predict actual use? A systematic literature review
This review examines the evidence that the technology acceptance model predicts actual technology usage using both subjective and objective measures of actual usage.
The psychology of password management: A tradeoff between security and convenience
Despite technological advances, humans remain the weakest link in internet security. In this paper, we examined user motivation behind five password management behaviors, e.g. selecting a password for the first time. We found that despite the fact that users know...
Using reinforcement to strengthen users’ secure behaviors
Users have a strong tendency toward dismissing security dialogs unthinkingly. Prior research has shown that users' responses to security dialogs become significantly more thoughtful when dialogs are polymorphic, and that further improvements can be obtained when...