This paper discusses the prevalent issue of users often dismissing security dialogs without much thought. Previous research has demonstrated that user responses to security dialogs become significantly more thoughtful when the dialogs are polymorphic, and further improvements can be achieved when the dialogs are audited and auditors penalize users for unreasonable responses. This paper presents an Operant Conditioning model that aligns with these observations and introduces Security Reinforcing Applications (SRAs). SRAs aim to reward users for secure behavior, as opposed to penalizing insecure behavior. User studies indicate that SRAs enhance users’ secure behaviors and that behaviors reinforced in this manner do not diminish even after several weeks of non-interaction with SRAs. Additionally, the paper proposes Vicarious Security Reinforcement (VSR), inspired by Social Learning theory. A user study shows that VSR speeds up the benefits of SRAs.
The Impact of Workload on Phishing Susceptibility: An Experiment
Phishing is when social engineering is used to deceive a person into sharing sensitive information or downloading...