Individual perceptions of cybersecurity and risk management
Individual perceptions of cybersecurity and risk management
Seeing human actors as a primary target for cybersecurity attacks suggests that awareness of threats and the willingness to implement controls may be lacking. Previous studies have identified context, demographic characteristics, and self-efficacy to be key factors influencing security-enhancing behaviours among private individuals. In this study, 801 UK private individuals responded to an anonymous online survey, identifying their ability to recognise threats and controls, who they believe responsible for implementing controls, and their general willingness to engage with cybersecurity via a Protection Motivation Theory behavioural model. Using a healthcare data context, results indicate that private individuals can identify threats, controls, and match them. They rarely, however, see themselves responsible for the security of their data. Further, an explanatory factor analysis suggests that decision making involved background considerations rather than a simple cost-benefit analysis or cognitive assessment of cybersecurity controls. This work adds to a growing body of literature which highlights that human actors are cybersecurity aware, but that they perceive the broader context to be relevant to their decision making. As such, it provides insights to consider in response to making technology end-users part of the solution to cybersecurity threats.
Cybersecurity, Digital security, Risk perception, Threat, Control, Priming, Responsibility, Healthcare data, Protection motivation theory, Exploratory Factor Analysis
Pickering, Brian
225088d0-729e-4f17-afe2-1ad1193ccae6
Taylor, Steve
9ee68548-2096-4d91-a122-bbde65f91efb
Pickering, Brian
225088d0-729e-4f17-afe2-1ad1193ccae6
Taylor, Steve
9ee68548-2096-4d91-a122-bbde65f91efb
Pickering, Brian and Taylor, Steve
(2024)
Individual perceptions of cybersecurity and risk management.
Open Research Europe.
(In Press)
Abstract
Seeing human actors as a primary target for cybersecurity attacks suggests that awareness of threats and the willingness to implement controls may be lacking. Previous studies have identified context, demographic characteristics, and self-efficacy to be key factors influencing security-enhancing behaviours among private individuals. In this study, 801 UK private individuals responded to an anonymous online survey, identifying their ability to recognise threats and controls, who they believe responsible for implementing controls, and their general willingness to engage with cybersecurity via a Protection Motivation Theory behavioural model. Using a healthcare data context, results indicate that private individuals can identify threats, controls, and match them. They rarely, however, see themselves responsible for the security of their data. Further, an explanatory factor analysis suggests that decision making involved background considerations rather than a simple cost-benefit analysis or cognitive assessment of cybersecurity controls. This work adds to a growing body of literature which highlights that human actors are cybersecurity aware, but that they perceive the broader context to be relevant to their decision making. As such, it provides insights to consider in response to making technology end-users part of the solution to cybersecurity threats.
Text
Private_Citizen_Perceptions_of_Cybersecurity_06022024
- Author's Original
Text
Private_Citizen_Perceptions_of_Cybersecurity_06022024
- Accepted Manuscript
More information
Submitted date: 12 February 2024
Accepted/In Press date: 16 April 2024
Keywords:
Cybersecurity, Digital security, Risk perception, Threat, Control, Priming, Responsibility, Healthcare data, Protection motivation theory, Exploratory Factor Analysis
Identifiers
Local EPrints ID: 487541
URI: http://eprints.soton.ac.uk/id/eprint/487541
PURE UUID: b8918823-e122-4f37-9ac5-ba5b17c4845d
Catalogue record
Date deposited: 23 Feb 2024 17:32
Last modified: 08 Aug 2024 04:01
Export record
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics