A test of interventions for security threats from social engineering
Recently, the role of human behavior has become a focal point in the study of information security countermeasures. However, few empirical studies have been conducted to test social engineering theory and the reasons why people may or may not fall victim, and even...
A cyber security culture framework and its impact on Zimbabwean organizations
Cybersecurity is the protection of internet-connected systems, including hardware, software and data, from cyberattacks. Cybersecurity culture is a set of the attitudes, assumptions, beliefs, values and knowledge that people use in their interaction with the...
Notes from the field: Observations in working with the forgotten victims of personal financial crimes
This paper focuses on victims of financial crimes. It describes the impact of this financial crime, the need for services to assist both victims and their families and 12 programs that assist the victims of financial crime.
Security lapses and the omission of information security measures: A threat control model and empirical test
Organizations and individuals are increasingly impacted by misuses of information that result from security lapses. Most of the cumulative research on information security has investigated the technical side of this critical issue, but securing organizational systems...
McAfee security journal Autumn 2008 – Ask and you will receive
This article summarises the cognitive biases that facilitate social engineering scams, which can be used to develop more effective cyber security awareness campaigns.
The compliance budget: Managing security behaviour in organisations
This paper finds individuals comply with security practices up to a certain point only, after which point compliance wanes. Organisations can influence an individual’s perception of where the compliance threshold lies so long as they know of and can manipulate...
The user is not the enemy: Fighting malware by tracking user intentions
This paper introduces a novel approach to access control, particularly for single-user systems, that takes into account the entire history of user and program actions to enhance the precision and expressiveness of access control policies. Current access control...
Failure to recognize fake internet popup warning messages
"Your computer is infected with spyware. Click OK to download the necessary anti-spyware updates." This type of popup warning is a common deceptive strategy employed by creators of malware and spyware to trick unsuspecting internet users into downloading harmful...
Relative status regulates risky decision making about resources in men: Evidence for the co-evolution of motivation and cognition
In this study, males who thought others of equal status were watching and judging their decisions were more likely to pursue a high-risk, high-reward means of recouping a financial loss over a no risk, low gain means with equal expected value. The results suggest...
NUDGE – Improving decisions about health, wealth, and happiness
Thorough book introducing “nudge” theory; the idea of subtly nudging people to make certain decisions or behaviours. Examples include placing certain foods in different orders to encourage healthy eating and changing default options to the desired choice. These small...
Data leakage worldwide: Common risks and mistakes employees make
This whitepaper explores research that concludes that, despite security policies, procedures and tools currently in place, employees around the world are still engaging in risky behaviours that put corporate and personal data at risk.
“Usability + usefulness = trust”: An exploratory study of Australian health websites
The aim is to explore users’ reactions to health information web sites from the perspective of trust, retrieval of relevant information and ease-of-use, and to establish the link between perceived quality, trust, and usability. An analysis of three Australian health...
Security beliefs and barriers for novice internet users
End-users are now recognized as being at increased risk in online scenarios, with a range of threats that seek to specifically target them and exploit their systems. Novice users are particularly likely to face difficulties in this context, as their unfamiliarity with...
The antecedents of information security policy compliance
Information security is one of the major challenges for organizations that critically depend on information systems to conduct their businesses. Ensuring safety of information and technology resources has become the top priority for many organizations since the...
The persuasiveness of online safety cues: The impact of prevention focus compatibility of Web content on consumers’ risk perceptions, attitudes, and intentions
Safety cues are frequently used in online stores to relieve consumers’ risk perceptions concerning online purchases. This paper uses regulatory focus theory (RFT) to predict the persuasiveness of online safety cues. According to RFT (Higgins, 1997), people process...
The cost of reading privacy policies
Companies collect personally identifiable information that website visitors are not always comfortable sharing. One proposed remedy is to use economics rather than legislation to address privacy risks by creating a marketplace for privacy where website visitors would...
User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach
Intentional insider misuse of information systems resources (i.e., IS misuse) represents a significant threat to organizations. For example, industry statistics suggest that between 50%–75% of security incidents originate from within an organization. Because of the...
Using cartoons to teach internet security
While good user education can hardly secure a system, we believe that poor user education can put it at serious risk. The current problem of online fraud is exacerbated by the fact that most users make security decisions, such as whether to install a given piece of...
A large-scale study of web password habits
We report the results of a large scale study of password use and password re-use habits. The study involved half a million users over a three month period. A client component on users’ machines recorded a variety of password strength, usage and frequency metrics. This...
End-user security culture: A lesson that will never be learnt?
Professor Steven Furnell looks at reckless users online, as they make friends with complete strangers, even putting themselves at risk.
Promoting personal responsibility for internet safety
A framework to motivate safe online behavior that interprets prior research and uses it to evaluate some of the nonprofit online safety education efforts is presented. Self-efficacy and response efficacy have the most consistent impact on safety behavior, and also...