Non-expert computer users frequently face security-related decisions, and while their choices are often not optimal, they are not random. This raises the question: what informs these decisions? Our research posits that these decisions are largely influenced by stories shared by others. Through a survey involving open and closed questions about security stories, we discovered that most individuals glean lessons from informal security incident narratives shared by friends and family. These narratives shape people’s security perceptions and impact their subsequent security-related decision-making. Moreover, many individuals relay these stories to others, suggesting that a single narrative can potentially influence multiple people. By understanding how non-experts learn from these stories and the types of narratives they learn from, we can develop new strategies to aid them in making more informed security decisions.
Critical success factors for security education, training and awareness (SETA) programme effectiveness: an empirical comparison of practitioner perspectives
Cyber security has never been more important than it is today in an ever more connected and pervasive digital world....