Innovative Behavioral IS Security and Privacy Research

Permanent URI for this collection


Recent Submissions

Now showing 1 - 5 of 10
  • Item
    Lessons Learned from an Information Security Incident: A Practical Recommendation to Involve Employees in Information Security
    ( 2018-01-03) Tatu, Teodora ; Ament, Clara ; Jaeger, Lennart
    With the increasingly negative impact of information security attacks, measures of information security, which address the weakest link in the information security chain, namely the employee, have become a necessity for today’s business world. One way to improve employees’ - yet limited - information security awareness is to learn from past information security incidents. This study theoretically builds upon the so called involvement theory to extend the existing research on information security awareness. Insights gained from 34 interviews suggest that involvement accompanied with a detailed review of past security incidents has a positive effect on staff’s information security awareness. Employees, directly affected by an information security incident, gain significant information security expertise and knowledge which they can, again, share with their colleagues. Moreover, constructive team work in the light of information security risks as well as an adequate adjustment of security-related measures is fostered.
  • Item
    CybHER: A Method for Empowering, Motivating, Educating and Anchoring Girls to a Cybersecurity Career Path
    ( 2018-01-03) Rowland, Pam ; Podhradsky, Ashley ; Plucker, Shephanie
    There are challenging problems to solve in cybersecurity. We must engage women as an untapped resource in our national effort to protect our country and critical infrastructure. Developing original ways to engage young women serves to address this recognized national need for recruitment through security education at the K-12 and undergraduate level. This would further address the widening gap between the availability and demand for qualified and diverse security professionals. Designing security iterations that are creative, socially relevant, and accessible to an underrepresented population in cybersecurity is a challenge that informs how education and outreach can be performed within other contexts. This research will discuss the CybHER model for engaging and supporting young women in cybersecurity while anchoring them to this field. By providing 5 different interventions, CybHER seeks to empower, motivate, educate, and anchor girls to cybersecurity. Further, existing CybHER outreach activities and lessons will be discussed.
  • Item
    Exploring the Propagation of Fake Cyber News: An Experimental Approach
    ( 2018-01-03) Maasberg, Michele ; Ayaburi, Emmanuel ; Liu, Charles ; Au, Yoris
    The rising trend of fake news in cyberspace has escalated with increasing velocity of information exchange and an explosion of information sources. Combating fake news in the cyber security context is important due to its use as a content-based social engineering attack, or weaponization of information to compromise corporate information assets. This research aims to explore the proliferation of this type of threat through initial empirical analysis of propagation of cyber news with particular emphasis on potential for generation of weaponized information in the form of fake cyber news. Antecedents of the propagation of cyber news were examined using the Theory of Engagement. An exploratory experiment was conducted with 84 subjects in the field of cyber security on a social network platform. An analysis of the data showed that aesthetics and readability were important factors at the point of entry, but after initial engagement with the news, only novelty influenced propagation.
  • Item
    Too Crowded to Disclose! Exploring the Relationship Between Online Crowdedness and Self-Disclosure
    ( 2018-01-03) Choi, HanByeol Stella ; Kwak, Chanhee ; Lee, Junyeong ; Lee, Heeseok
    Nowadays, people communicate with many others online. Of the online sites, product review pages have become an important communication medium on which consumers share information about a product. Drawing upon this trend, we examined the factors that affect reviewers’ self-disclosure behavior. Prior studies have found that privacy behaviors such as self-disclosure are affected by diverse contextual factors. In this study, we propose that online crowdedness is an important contextual factor for self-disclosure behavior. Using review data from the largest online apparel rental site in the U.S., we empirically explored the relationship between online crowdedness and self-disclosure behavior. The result shows that online crowdedness can discourage self-disclosure behavior.
  • Item
    Optimizing Privacy Policy Videos to Mitigate the Privacy Policy Paradox
    ( 2018-01-03) Keith, Mark J. ; Frederickson, Jacob T. ; Reeves, K. Shane ; Babb, Jeffry
    This research takes a design science approach to improving privacy policies through the design and use of mediated content, such as video. Research has emerged to indicate that privacy policies communicated through video (separate from-”and in addition to-”traditional textual privacy policy documents) are more effective at engendering trust, decreasing perceived risk, and encouraging information disclosure than textual privacy policies, which are seldom read or understood. We extend this research by examining design factors such as narrator gender, animation style, music tone, and color scheme. We implemented a field experiment and survey to determine how variations in these design elements affect consumers’ perceived risk, perceived benefits, and disclosure decisions. The results indicate that the most effective privacy policy videos use female narrators with vibrant color palettes and light musical tones. The animation style (animated imagery versus animated text) has no effect on consumers’ perceived risk/benefits or disclosure decisions.