Despite technological advances, humans remain the weakest link in internet security. In this paper, we examined user motivation behind five password management behaviors, e.g. selecting a password for the first time. We found that despite the fact that users know what constitutes a good/bad password and know which common password management practices, e.g., taping a password to a computer, are inappropriate, users engage in these behaviors because they do not see any immediate negative consequences to themselves (negative externalities) and because of the security-convenience tradeoff. We found that this tradeoff can be positively influenced by imposing a time frame factor.
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...