The quest for complete security: An empirical analysis of users’ multi-layered protection from security threats
Individuals can perform many different behaviors to protect themselves from computer security threats. Research, however, generally explores computer security behaviors in isolation, typically looking at one behavior per study, such as usage of malware or strong passwords. However, defense in depth...
Gespeichert in:
| Veröffentlicht in: | Information systems frontiers 2019-04, Vol.21 (2), p.343-357 |
|---|---|
| Hauptverfasser: | , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 357 |
|---|---|
| container_issue | 2 |
| container_start_page | 343 |
| container_title | Information systems frontiers |
| container_volume | 21 |
| creator | Crossler, Robert E. Bélanger, France Ormond, Dustin |
| description | Individuals can perform many different behaviors to protect themselves from computer security threats. Research, however, generally explores computer security behaviors in isolation, typically looking at one behavior per study, such as usage of malware or strong passwords. However, defense in depth requires that multiple behaviors be performed concurrently for one’s computer to be protected. Addressing this gap in prior research, this study measures 279 individuals’ computer security behaviors and analyzes them with multi-dimensional scaling. We examined three security threats: security related performance degradation, identify theft, and data loss. The results present a mapping of security behaviors performed together with other behaviors on two dimensions for each of these threats. Using expert reviews of the resulting dimensions, the study proposes that response efficacy and response cost help explain why people perform certain behaviors together. These findings can help explain inconsistent results in prior information security research because they focused on one behavior only whereas people perform various security behaviors together in an effort to mitigate specific security threats. The study informs research and practice by identifying security threat-response pairs via expert interviews, surveying individuals on how they perform multiple security behaviors concurrently to mitigate security threats, identifying why certain behaviors are performed together, and using these findings to identify reasons why IS security research has confounding results based on specific individual threat-response pairs used in prior studies. |
| doi_str_mv | 10.1007/s10796-017-9755-1 |
| format | Article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2229557283</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2229557283</sourcerecordid><originalsourceid>FETCH-LOGICAL-c316t-7417f2063f0fc2cd12c622edc2cec597ad56a46cad4ff103fa8dd71d69b70e113</originalsourceid><addsrcrecordid>eNp1kL1OwzAUhS0EEqXwAGyWmA2-TmI3bFXFn1SJpcyWca5pqvzVdoZsvAavx5OQEgQT0z3DOUfnfoRcAr8GztVNAK5yyTgolqssY3BEZpApwfIU8uNRJwvFkkTIU3IWwo5zkEJlM7LfbJHuewyRutZT29ZdhRFpQNv7Mg63dNlQrLvSl9ZU1DSmGkIZaOtoH9CHz_cPWvdVLFllBvRY0M63EW0s24Y639a_TTRuPZoYzsmJM1XAi587Jy_3d5vVI1s_PzytlmtmE5CRqRSUE1wmjjsrbAHCSiGwGDXaLFemyKRJpTVF6hzwxJlFUSgoZP6qOAIkc3I19Y6Dvh_Uu7b34_6ghRB5NsJZJKMLJpf1bQgene58WRs_aOD6QFZPZPVIVh_I6kOzmDJh9DZv6P-a_w99AXrnfzg</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2229557283</pqid></control><display><type>article</type><title>The quest for complete security: An empirical analysis of users’ multi-layered protection from security threats</title><source>SpringerNature Journals</source><creator>Crossler, Robert E. ; Bélanger, France ; Ormond, Dustin</creator><creatorcontrib>Crossler, Robert E. ; Bélanger, France ; Ormond, Dustin</creatorcontrib><description>Individuals can perform many different behaviors to protect themselves from computer security threats. Research, however, generally explores computer security behaviors in isolation, typically looking at one behavior per study, such as usage of malware or strong passwords. However, defense in depth requires that multiple behaviors be performed concurrently for one’s computer to be protected. Addressing this gap in prior research, this study measures 279 individuals’ computer security behaviors and analyzes them with multi-dimensional scaling. We examined three security threats: security related performance degradation, identify theft, and data loss. The results present a mapping of security behaviors performed together with other behaviors on two dimensions for each of these threats. Using expert reviews of the resulting dimensions, the study proposes that response efficacy and response cost help explain why people perform certain behaviors together. These findings can help explain inconsistent results in prior information security research because they focused on one behavior only whereas people perform various security behaviors together in an effort to mitigate specific security threats. The study informs research and practice by identifying security threat-response pairs via expert interviews, surveying individuals on how they perform multiple security behaviors concurrently to mitigate security threats, identifying why certain behaviors are performed together, and using these findings to identify reasons why IS security research has confounding results based on specific individual threat-response pairs used in prior studies.</description><identifier>ISSN: 1387-3326</identifier><identifier>EISSN: 1572-9419</identifier><identifier>DOI: 10.1007/s10796-017-9755-1</identifier><language>eng</language><publisher>New York: Springer US</publisher><subject>Behavior ; Business and Management ; Control ; Cybersecurity ; Data loss ; Empirical analysis ; Human behavior ; Information systems ; IT in Business ; Malware ; Management of Computing and Information Systems ; Mapping ; Multilayers ; Operations Research/Decision Theory ; Performance degradation ; Security management ; Surveying ; Systems Theory ; Theft</subject><ispartof>Information systems frontiers, 2019-04, Vol.21 (2), p.343-357</ispartof><rights>Springer Science+Business Media New York 2017</rights><rights>Information Systems Frontiers is a copyright of Springer, (2017). All Rights Reserved.</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c316t-7417f2063f0fc2cd12c622edc2cec597ad56a46cad4ff103fa8dd71d69b70e113</citedby><cites>FETCH-LOGICAL-c316t-7417f2063f0fc2cd12c622edc2cec597ad56a46cad4ff103fa8dd71d69b70e113</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/s10796-017-9755-1$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://link.springer.com/10.1007/s10796-017-9755-1$$EHTML$$P50$$Gspringer$$H</linktohtml><link.rule.ids>314,780,784,27924,27925,41488,42557,51319</link.rule.ids></links><search><creatorcontrib>Crossler, Robert E.</creatorcontrib><creatorcontrib>Bélanger, France</creatorcontrib><creatorcontrib>Ormond, Dustin</creatorcontrib><title>The quest for complete security: An empirical analysis of users’ multi-layered protection from security threats</title><title>Information systems frontiers</title><addtitle>Inf Syst Front</addtitle><description>Individuals can perform many different behaviors to protect themselves from computer security threats. Research, however, generally explores computer security behaviors in isolation, typically looking at one behavior per study, such as usage of malware or strong passwords. However, defense in depth requires that multiple behaviors be performed concurrently for one’s computer to be protected. Addressing this gap in prior research, this study measures 279 individuals’ computer security behaviors and analyzes them with multi-dimensional scaling. We examined three security threats: security related performance degradation, identify theft, and data loss. The results present a mapping of security behaviors performed together with other behaviors on two dimensions for each of these threats. Using expert reviews of the resulting dimensions, the study proposes that response efficacy and response cost help explain why people perform certain behaviors together. These findings can help explain inconsistent results in prior information security research because they focused on one behavior only whereas people perform various security behaviors together in an effort to mitigate specific security threats. The study informs research and practice by identifying security threat-response pairs via expert interviews, surveying individuals on how they perform multiple security behaviors concurrently to mitigate security threats, identifying why certain behaviors are performed together, and using these findings to identify reasons why IS security research has confounding results based on specific individual threat-response pairs used in prior studies.</description><subject>Behavior</subject><subject>Business and Management</subject><subject>Control</subject><subject>Cybersecurity</subject><subject>Data loss</subject><subject>Empirical analysis</subject><subject>Human behavior</subject><subject>Information systems</subject><subject>IT in Business</subject><subject>Malware</subject><subject>Management of Computing and Information Systems</subject><subject>Mapping</subject><subject>Multilayers</subject><subject>Operations Research/Decision Theory</subject><subject>Performance degradation</subject><subject>Security management</subject><subject>Surveying</subject><subject>Systems Theory</subject><subject>Theft</subject><issn>1387-3326</issn><issn>1572-9419</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2019</creationdate><recordtype>article</recordtype><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><sourceid>GNUQQ</sourceid><recordid>eNp1kL1OwzAUhS0EEqXwAGyWmA2-TmI3bFXFn1SJpcyWca5pqvzVdoZsvAavx5OQEgQT0z3DOUfnfoRcAr8GztVNAK5yyTgolqssY3BEZpApwfIU8uNRJwvFkkTIU3IWwo5zkEJlM7LfbJHuewyRutZT29ZdhRFpQNv7Mg63dNlQrLvSl9ZU1DSmGkIZaOtoH9CHz_cPWvdVLFllBvRY0M63EW0s24Y639a_TTRuPZoYzsmJM1XAi587Jy_3d5vVI1s_PzytlmtmE5CRqRSUE1wmjjsrbAHCSiGwGDXaLFemyKRJpTVF6hzwxJlFUSgoZP6qOAIkc3I19Y6Dvh_Uu7b34_6ghRB5NsJZJKMLJpf1bQgene58WRs_aOD6QFZPZPVIVh_I6kOzmDJh9DZv6P-a_w99AXrnfzg</recordid><startdate>20190401</startdate><enddate>20190401</enddate><creator>Crossler, Robert E.</creator><creator>Bélanger, France</creator><creator>Ormond, Dustin</creator><general>Springer US</general><general>Springer Nature B.V</general><scope>AAYXX</scope><scope>CITATION</scope><scope>3V.</scope><scope>7SC</scope><scope>7WY</scope><scope>7WZ</scope><scope>7XB</scope><scope>87Z</scope><scope>8AL</scope><scope>8AO</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>8FK</scope><scope>8FL</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ALSLI</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BEZIV</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>CNYFK</scope><scope>DWQXO</scope><scope>FRNLG</scope><scope>F~G</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K60</scope><scope>K6~</scope><scope>K7-</scope><scope>L.-</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>M0C</scope><scope>M0N</scope><scope>M1O</scope><scope>P5Z</scope><scope>P62</scope><scope>PQBIZ</scope><scope>PQBZA</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>Q9U</scope></search><sort><creationdate>20190401</creationdate><title>The quest for complete security: An empirical analysis of users’ multi-layered protection from security threats</title><author>Crossler, Robert E. ; Bélanger, France ; Ormond, Dustin</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c316t-7417f2063f0fc2cd12c622edc2cec597ad56a46cad4ff103fa8dd71d69b70e113</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Behavior</topic><topic>Business and Management</topic><topic>Control</topic><topic>Cybersecurity</topic><topic>Data loss</topic><topic>Empirical analysis</topic><topic>Human behavior</topic><topic>Information systems</topic><topic>IT in Business</topic><topic>Malware</topic><topic>Management of Computing and Information Systems</topic><topic>Mapping</topic><topic>Multilayers</topic><topic>Operations Research/Decision Theory</topic><topic>Performance degradation</topic><topic>Security management</topic><topic>Surveying</topic><topic>Systems Theory</topic><topic>Theft</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Crossler, Robert E.</creatorcontrib><creatorcontrib>Bélanger, France</creatorcontrib><creatorcontrib>Ormond, Dustin</creatorcontrib><collection>CrossRef</collection><collection>ProQuest Central (Corporate)</collection><collection>Computer and Information Systems Abstracts</collection><collection>Access via ABI/INFORM (ProQuest)</collection><collection>ABI/INFORM Global (PDF only)</collection><collection>ProQuest Central (purchase pre-March 2016)</collection><collection>ABI/INFORM Global (Alumni Edition)</collection><collection>Computing Database (Alumni Edition)</collection><collection>ProQuest Pharma Collection</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni) (purchase pre-March 2016)</collection><collection>ABI/INFORM Collection (Alumni Edition)</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>Social Science Premium Collection</collection><collection>Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>Proquest Central</collection><collection>Business Premium Collection</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>Library & Information Science Collection</collection><collection>ProQuest Central Korea</collection><collection>Business Premium Collection (Alumni)</collection><collection>ABI/INFORM Global (Corporate)</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>ProQuest Business Collection (Alumni Edition)</collection><collection>ProQuest Business Collection</collection><collection>Computer Science Database</collection><collection>ABI/INFORM Professional Advanced</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>ABI/INFORM Global</collection><collection>Computing Database</collection><collection>Library Science Database</collection><collection>Advanced Technologies & Aerospace Database</collection><collection>ProQuest Advanced Technologies & Aerospace Collection</collection><collection>ProQuest One Business</collection><collection>ProQuest One Business (Alumni)</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central Basic</collection><jtitle>Information systems frontiers</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Crossler, Robert E.</au><au>Bélanger, France</au><au>Ormond, Dustin</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>The quest for complete security: An empirical analysis of users’ multi-layered protection from security threats</atitle><jtitle>Information systems frontiers</jtitle><stitle>Inf Syst Front</stitle><date>2019-04-01</date><risdate>2019</risdate><volume>21</volume><issue>2</issue><spage>343</spage><epage>357</epage><pages>343-357</pages><issn>1387-3326</issn><eissn>1572-9419</eissn><abstract>Individuals can perform many different behaviors to protect themselves from computer security threats. Research, however, generally explores computer security behaviors in isolation, typically looking at one behavior per study, such as usage of malware or strong passwords. However, defense in depth requires that multiple behaviors be performed concurrently for one’s computer to be protected. Addressing this gap in prior research, this study measures 279 individuals’ computer security behaviors and analyzes them with multi-dimensional scaling. We examined three security threats: security related performance degradation, identify theft, and data loss. The results present a mapping of security behaviors performed together with other behaviors on two dimensions for each of these threats. Using expert reviews of the resulting dimensions, the study proposes that response efficacy and response cost help explain why people perform certain behaviors together. These findings can help explain inconsistent results in prior information security research because they focused on one behavior only whereas people perform various security behaviors together in an effort to mitigate specific security threats. The study informs research and practice by identifying security threat-response pairs via expert interviews, surveying individuals on how they perform multiple security behaviors concurrently to mitigate security threats, identifying why certain behaviors are performed together, and using these findings to identify reasons why IS security research has confounding results based on specific individual threat-response pairs used in prior studies.</abstract><cop>New York</cop><pub>Springer US</pub><doi>10.1007/s10796-017-9755-1</doi><tpages>15</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1387-3326 |
| ispartof | Information systems frontiers, 2019-04, Vol.21 (2), p.343-357 |
| issn | 1387-3326 1572-9419 |
| language | eng |
| recordid | cdi_proquest_journals_2229557283 |
| source | SpringerNature Journals |
| subjects | Behavior Business and Management Control Cybersecurity Data loss Empirical analysis Human behavior Information systems IT in Business Malware Management of Computing and Information Systems Mapping Multilayers Operations Research/Decision Theory Performance degradation Security management Surveying Systems Theory Theft |
| title | The quest for complete security: An empirical analysis of users’ multi-layered protection from security threats |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-22T05%3A02%3A20IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=The%20quest%20for%20complete%20security:%20An%20empirical%20analysis%20of%20users%E2%80%99%20multi-layered%20protection%20from%20security%20threats&rft.jtitle=Information%20systems%20frontiers&rft.au=Crossler,%20Robert%20E.&rft.date=2019-04-01&rft.volume=21&rft.issue=2&rft.spage=343&rft.epage=357&rft.pages=343-357&rft.issn=1387-3326&rft.eissn=1572-9419&rft_id=info:doi/10.1007/s10796-017-9755-1&rft_dat=%3Cproquest_cross%3E2229557283%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2229557283&rft_id=info:pmid/&rfr_iscdi=true |