A pilot study of cyber security and privacy related behavior and personality traits
This study examines the correlation between the Big Five personality traits (extraversion, agreeableness, openness, conscientiousness, and neuroticism) and email phishing response. It finds neuroticism to be most correlated with email phishing susceptibility.
Enhancing password security through interactive fear appeals: A web-based field experiment
Passwords remain the dominant authentication mechanism for information security. Unfortunately, research has shown that most passwords are highly insecure. Given the risks of using weak passwords, there is a need to effectively motivate users to select strong...
Employees’ information security awareness and behavior: A literature review
Today's organizations are highly dependent on information management and processes. Information security is one of the top issues for researchers and practitioners. In literature, there is consent that employees are the weakest link in IS security. A variety of...
Improving internet security through social information and social comparison: A field quasi-experiment
Cybersecurity is a national priority in this big data era. Because of negative externalities and the resulting lack of economic incentives, companies often underinvest in security controls, despite government and industry recommendations. Although many existing...
Passwords usage and human memory limitations: A survey across age and educational background
The present article reports a survey conducted to identify the practices on passwords usage, focusing particularly on memory limitations and the use of passwords across individuals with different age and education backgrounds. A total of 263 participants were...
Phishing counter measures and their effectiveness – literature review
Phishing, a pervasive form of social engineering crime on the web, presents significant challenges due to its escalating occurrences and evolving techniques. This study reviews existing phishing literature and countermeasures to assess the progress and advancement of...
Computer self-efficacy: A meta-analysis
Computer self-efficacy (CSE) has been a popular and important construct in information systems research for more than two decades. Although CSE researchers have conducted extensive qualitative reviews, quantitative analyses are lacking for studies of the relationships...
The effects of multilevel sanctions on information security violations: A mediating model
We proposed and empirically tested a mediating model for examining the effects of multilevel sanctions on preventing information security violations in the workplace. The results of the experiment suggested that personal self-sanctions and workgroup sanctions have...
Software updates as a security metric: Passive identification of update trends and effect on machine infection
Botnets have become a vital part of underground economy and botherders are actively looking for new recruits to join their bot army. A lapse by an end user or an administrator in terms of not updating their software enables the botherder to achieve this objective. In...
The millennial cybersecurity project improving awareness of and modifying risky behavior in cyberspace
The underlying premise of the Millennial Cybersecurity Project is that the best way to communicate with millennials is through the language of technology. Most organizations today employ communications strategies that are better suited to previous generations. Instead...
Exploring the role of individual employee characteristics and personality on employee compliance with cybersecurity policies
This study finds individuals with differing personality traits react differently to the same conditions, and thus cyber security training should be tailored based on individual needs.
Similarities and differences between working memory and long-term memory: Evidence from the levels-of-processing span task
This paper tests the effects of depth of processing on both working memory and long-term memory. The results indicate that the depth of processing had little effect on working memory tests; however, the typical benefits of semantic processing were seen in long term...
On the security of password manager database formats
Findings from this paper show that most password managers are easily broken and use storage formats that are easily accessible, even to weak adversaries. The work does, however, show that it is possible to theoretically construct a format that is secure, that’s usable...
Research article phishing susceptibility: An investigation into the processing of a targeted spear phishing email
Research problem: Phishing is an email-based scam where a perpetrator camouflages emails to appear as a legitimate request for personal and sensitive information. Research question: How do individuals process a phishing email, and determine whether to respond to it?...
The psychology of security for the home computer user
The home computer user is often said to be the weakest link in computer security. They do not always follow security advice, and they take actions, as in phishing, that compromise themselves. In general, we do not understand why users do not always behave safely,...
Security services as coping mechanisms: An investigation into user intention to adopt an email authentication service
Email plays an important role in the digital economy but is threatened by increasingly sophisticated cybercrimes. A number of security services have been developed, including an email authentication service designed to cope with email threats. It remains unknown how...
Compliant sinners, obstinate saints: How power and self-focus determine the effectiveness of social influences in ethical decision making
Researchers test how power and self-focus moderate the effectiveness of social influence in decision-making. They find those with more power and self-focus to be less affected by social influence when making ethical decisions.
Stories as informal lessons about security
Non-expert computer users frequently face security-related decisions, and while their choices are often not optimal, they are not random. This raises the question: what informs these decisions? Our research posits that these decisions are largely influenced by stories...
Designing a mobile game to teach conceptual knowledge of avoiding ‘phishing attacks’
Phishing is a form of online identity theft, which attempts to appropriate confidential and sensitive information such as usernames and passwords from its victims. To facilitate cyberspace as a secure environment, phishing education needs to be made accessible to home...
Training users to counteract phishing
Phishing is an increasingly more prevalent form of online, social engineered scams that escalate costs and risks to society year to year. This study demonstrates an association between anti-phishing training techniques used in previous research and individual...
Children’s cyber-safety and protection in Australia: An analysis of community stakeholder views
Protecting children from the risks posed by negative influences in the online environment (that is, cyber-safety) is a growing concern within the Australian community. In this study, the views of 151 individuals and community stakeholder organizations, which represent...