Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
Passwords usage and human memory limitations: A survey across age and educational background
The present article reports a survey conducted to identify the practices on passwords usage, focusing particularly on memory limitations and the use of passwords across individuals with different age and education backgrounds. A total of 263 participants were...
Phishing counter measures and their effectiveness – literature review
Phishing, a pervasive form of social engineering crime on the web, presents significant challenges due to its escalating occurrences and evolving techniques. This study reviews existing phishing literature and countermeasures to assess the progress and advancement of...
Computer self-efficacy : A meta-analysis
Computer self-efficacy (CSE) has been a popular and important construct in information systems research for more than two decades. Although CSE researchers have conducted extensive qualitative reviews, quantitative analyses are lacking for studies of the relationships...
The effects of multilevel sanctions on information security violations: A mediating model
We proposed and empirically tested a mediating model for examining the effects of multilevel sanctions on preventing information security violations in the workplace. The results of the experiment suggested that personal self-sanctions and workgroup sanctions have...
Software updates as a security metric: Passive identification of update trends and effect on machine infection
Botnets have become a vital part of underground economy and botherders are actively looking for new recruits to join their bot army. A lapse by an end user or an administrator in terms of not updating their software enables the botherder to achieve this objective. In...
The millennial cybersecurity project improving awareness of and modifying risky behavior in cyberspace
The underlying premise of the Millennial Cybersecurity Project is that the best way to communicate with millennials is through the language of technology. Most organizations today employ communications strategies that are better suited to previous generations. Instead...
Exploring the role of individual employee characteristics and personality on employee compliance with cybersecurity policies
This study finds individuals with differing personality traits react differently to the same conditions, and thus cyber security training should be tailored based on individual needs.
Similarities and differences between working memory and long-term memory: Evidence from the levels-of-processing span task
This paper tests the effects of depth of processing on both working memory and long-term memory. The results indicate that the depth of processing had little effect on working memory tests; however, the typical benefits of semantic processing was seen in long term...
On the security of password manager database formats
Findings from this paper show that most password managers are easily broken and use storage formats that are easily accessible, even to weak adversaries. The work does, however, show that it is possible to theoretically construct a format that is secure, that’s usable...
Research article phishing susceptibility: An investigation into the processing of a targeted spear phishing email
Research problem: Phishing is an email-based scam where a perpetrator camouflages emails to appear as a legitimate request for personal and sensitive information. Research question: How do individuals process a phishing email, and determine whether to respond to it?...
The psychology of security for the home computer user
The home computer user is often said to be the weakest link in computer security. They do not always follow security advice, and they take actions, as in phishing, that compromise themselves. In general, we do not understand why users do not always behave safely,...
Security services as coping mechanisms: An investigation into user intention to adopt an email authentication service
Email plays an important role in the digital economy but is threatened by increasingly sophisticated cybercrimes. A number of security services have been developed, including an email authentication service designed to cope with email threats. It remains unknown how...
Compliant sinners, obstinate saints: How power and self-focus determine the effectiveness of social influences in ethical decision making
Researchers test how power and self-focus moderate the effectiveness of social influence in decision-making. They find those with more power and self-focus to be less affected by social influence when making ethical decisions.
Stories as informal lessons about security
Non-expert computer users frequently face security-related decisions, and while their choices are often not optimal, they are not random. This raises the question: what informs these decisions? Our research posits that these decisions are largely influenced by stories...
Designing a mobile game to teach conceptual knowledge of avoiding ‘phishing attacks’
Phishing is a form of online identity theft, which attempts to appropriate confidential and sensitive information such as usernames and passwords from its victims. To facilitate cyberspace as a secure environment, phishing education needs to be made accessible to home...
Training users to counteract phishing
Phishing is an increasingly more prevalent form of online, social engineered scams that escalate costs and risks to society year to year. This study demonstrates an association between anti-phishing training techniques used in previous research and individual...
Children’s cyber-safety and protection in Australia: An analysis of community stakeholder views
Protecting children from the risks posed by negative influences in the online environment (that is, cyber-safety) is a growing concern within the Australian community. In this study, the views of 151 individuals and community stakeholder organizations, which represent...
Information security policies: A content analysis
Among information security controls, the literature gives a central role to information security policies. However, there is a reduced number of empirical studies about the features and components of information security policies. This research aims to contribute to...
Featured talk: Measuring secure behavior: A research commentary
This paper suggests future research to delve into the motivations of individuals who breach organizational security, aiming to understand the connection between security intentions and behavior.
Future directions for behavioral information security research
Information Security (InfoSec) research is far reaching and includes many approaches to deal with protecting and mitigating threats to the information assets and technical resources available within computer based systems. Although a predominant weakness in properly...
Probing the front Lines: Pollworker perceptions of security & privacy
Voting technologies have undergone intense scrutiny in recent years. In contrast, the human components of these socio-technical systems, including the policies and procedures that guide and bind behavior have received less attention. To begin to understand pollworker...