Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
Protecting users against phishing attacks with AntiPhish
Phishing is a form of online identity theft that aims to steal sensitive information such as online banking passwords and credit card information from users. Phishing scams have been receiving extensive press coverage because such attacks have been escalating in...
An application of deterrence theory to software piracy
Although the research on software piracy is growing, criminologists have not examined the role of deterrence in software piracy. Using data collected from 382 undergraduate students attending a southeastern university, this study examined the role of deterrence in...
Analysis of end user security behaviors
This article outlines the process of developing a taxonomy of end user security-related behaviors, testing its consistency, and using it to conduct a U.S. survey on key end user behaviors. The study involved interviewing 110 individuals knowledgeable about end user...
Cross-cultural differences in relationship- and group-based trust
This study suggests Japanese and American people exhibit trust based on different things as the existence of a potential indirect relationship increased trust of outgroup members more for Japanese people than for Americans.
Moral psychology and information ethics: Psychological distance and the components of oral action in a digital world
This paper suggests technology can create a psychological distance between users that impacts four components of moral behaviour (sensitivity, judgment, motivation, and action). According to the paper, the psychological distance facilitates crimes like piracy and...
Positive emotions broaden the scope of attention and thought-action repertoires
This study found positive emotions increase attention and encouraged new thoughts and actions, and that negative emotions discouraged new thoughts and actions. The findings are in accordance with broaden-and-build theory.
Do information security policies reduce the incidence of security breaches: An exploratory analysis.
Information is a critical corporate asset, which has become increasingly vulnerable to attacks from viruses, hackers, criminals and human error. Consequently, organizations are having to prioritise the security of their computer systems, to ensure that their...
Computer security and risky computing practices: A rational choice perspective
Despite rapid technological advances in computer hardware and software, insecure behavior by individual computer users continues to be a significant source of direct cost and productivity loss. Why do individuals, many of whom are aware of the possible grave...
Managing the unexpected
What makes some organisations more reliable than others? The authors of Managing the Unexpected believe the answer lies in the differences in behaviours and learning styles of highly reliable organisations and organisations that are relatively unreliable. This book...
Bridging the gap between organisational and user perspectives of security in the clinical domain
An understanding of ‘communities of practice’ can help to make sense of existing security and privacy issues within organizations; the same understanding can be used proactively to help bridge the gap between organizational and end-user perspectives on these matters....
A protection motivation theory approach to home wireless security
Research in socio-technical factors in computer security has traditionally focused on employees and their work practice within the premises of the organization. However, with universal access to computing and the diverse means of connecting such devices to each...
The nature and replication of routines
This paper seeks to properly define routines to facilitate further empirical research into how routines are built and how routines can be changed. Broadly, it defines routines as dispositions that trigger patterns of behaviours in a group of individuals, following...
Internet users’ information privacy concerns (IUIPC): The construct, the scale, and a causal model
The lack of consumer confidence in information privacy has been identified as a major problem hampering the growth of e-commerce. Despite the importance of understanding the nature of online consumers' concerns for information privacy, this topic has received little...
Behavioral information security: Two end user survey studies of motivation and security practices
Information security is a multibillion-dollar problem faced by commercial and government organizations around the world. Through their adverse effects on organizational information systems, malware, hackers, and malicious insiders jeopardize organizations’...
The 10 deadly sins of information security management
This paper identifies 10 essential aspects, which, if not taken into account in an information security governance plan, will surely cause the plan to fail, or at least, cause serious flaws in the plan. These 10 aspects can be used as a checklist by management to...
Privacy policies as decision-making tools: An evaluation of online privacy notices
Studies have repeatedly shown that users are increasingly concerned about their privacy when they go online. In response to both public interest and regulatory pressures, privacy policies have become almost ubiquitous. An estimated 77% of websites now post a privacy...
Psychological ownership and feelings of possession: Three field studies predicting employee attitudes and organizational citizenship behavior
This study investigates the relationships between psychological ownership and work attitudes and behaviors. Hypotheses were developed based on the psychology of possession and psychological ownership literatures. These hypotheses were tested using data from three...
Risk as analysis and risk as feelings: Some thoughts about affect, reason, risk, and rationality
Modern theories in cognitive psychology and neuroscience indicate that there are two fundamental ways in which human beings comprehend risk. The “analytic system” uses algorithms and normative rules, such as probability calculus, formal logic, and risk assessment. It...
Where did they go wrong? An analysis of the failure of knowledgeable Internet consumers to detect deception over the internet
This paper uses an information-processing model of deception detection to understand the reasons underlying Internet consumers' success and failure at detecting forms of intentional deception that occur on the Internet. Eighty MBA students visited either a real...
An overview of online trust: Concepts, elements, and implications
This paper first reviews academic studies relating to online trust before using said studies to propose a framework for trust-inducing website design.
Angry men and disgusted women: An evolutionary approach to the influence of emotions on risk taking
Through a gambling task involving real stakes, the authors demonstrate that anger increases risk-taking in men while disgust decreases risk-taking in women.