//Research Library 

Our research library is the world’s first globally accessible archive of research into the human aspect of cyber security and behavioural science as applied to cyber security awareness and online behavioural change.

To see the latest studies from pioneering academics, scroll down.

 

 

Filter your results:

2018
Jan, 2018

WFE Staff Behavior and Culture Best Practice Guidelines

A set of best practice guidelines published by the WFE designed to encourage a culture of cyber security compliance, including ideas on behavioural incentives, cultural incentives and operational support.

 

Read full paper

 

 

Authors: WFE

2017
Nov, 2017

Employee Information Security Beliefs in the Home Environment

Through a series of qualitative interviews with 19 participants, this study looked into and reported several factors influencing employees’ security behaviour at home.

 

Read full paper

 

 

Authors: Joseph Omidosu, Jacques Ophoff

Nov, 2017

The Socio-Technical Impact on Security of the Healthcare Internet of Things in the Use of Personal Monitoring Devices (PMDs)

This paper sets out a framework that might allow those who use healthcare personal monitoring devices (such as fitness trackers) to better protect their personal information.

 

Read full paper

 

 

Authors: Asanka I Pathirana, Patricia A H Williams

Nov, 2017

What Do They Really Think? Overcoming Social Acceptability Bias in Information Security Research

This study used two techniques to ensure people accurately reported attitudes on information security in the workplace. A key finding was those who believed information security to be the responsibility of the organisation felt security risks to be overstated, whereas those who believed information security to be the responsibility of individuals felt warnings over security risks were valid and justified.

 

Read full paper

 

 

Authors: D. Ashenden

Nov, 2017

Understanding susceptibility to phishing emails: Assessing the impact of individual differences and culture

This study looked into how individual differences and national culture impacted participants’ responses to phishing and spear-phishing emails. The study found a national culture that promoted the needs of the individual (rather than the needs of society) increased the likelihood of phishing and spear-phishing emails being accurately identified. The same study found impulsiveness decreased the chances of phishing emails being identified but the same was not true of spear-phishing emails. Finally, the study found individual differences had an effect on user’s ability to spot malicious emails.

 

Read full paper

 

 

Authors: Marcus Butavicius, Kathryn Parsons, Malcolm Pattinson, Agata McCormac, Dragana Calic, Meredith Lillie

Nov, 2017

Understanding the Relationships between Resilience, Work Stress and Information Security Awareness

This study examined the relationship between Information Security Awareness (ISA), resilience and work stress, finding greater resilience to be associated with higher ISA and lower work stress.

 

Read full paper

 

 

Authors: Agata McCormac, Dragana Calic, Marcus Butavicius, Kathryn Parsons, Malcolm Pattinson, Meredith lillie

Nov, 2017

Securing Mobile Devices: Evaluating the Relationship between Risk Perception, Organisational Commitment and Information Security Awareness

This study examined the relationship between perception of risk, organisational commitment, and Information Security Awareness (ISA), finding both organisational commitment and perception of personal risk to be significant predictors of ISA. Surprisingly, frequency of workplace information security training negatively affected ISA.

 

Read full paper

 

 

Authors: A. Reeves, K. Parsons and D. Calic

Oct, 2017

How to Launch a Behavior-Change Revolution

A team spear-headed by University of Pennsylvania researchers have launched an ambitious research project called Behavior Change for Good. The project will attempt to determine the best behavioural-change practices in three areas: health, education and personal finance. It will test many ideas with the ultimate aim of uncovering how best to change human behaviour.

 

Read full paper

 

 

Authors: Steven D Levitt & Steven J Dubner

Oct, 2017

Phish Phinder: A Game Design Approach to Enhance User Confidence in Mitigating Phishing Attacks

This paper proposes and sets out the framework for the development of a game designed to help educate users about phishing attacks. The proposed game draws on academic research and would take the form a series of challenges that inherently educate users about phishing concepts.

 

Read full paper

 

 

Authors: Gaurav Misra, N.A.G. Arachchilage and Shlomo Berkovsky

Oct, 2017

If someone is watching, I’ll do what I’m asked: mandatoriness, control, and information security

This research finds people are motivated to follow security procedures when they believe the procedures to be compulsory, and that both specifying policies and evaluating behaviors help position security policies as mandatory. It follows that specifying policies and evaluating behaviours is more likely to lead to security procedures being followed.

 

Read full paper

 

 

Authors: Scott R Boss, Laurie J Kirsch, Ingo Angermeier, Raymond A Shingler, R Wayne Boss

Want to suggest an addition to our research library?

Suggest