Abstract
Information security is a great concern to computer users, which is not only a technical problem, but also related to human factors. The objective of this study is to investigate the factors that can influence people’s perception of different threats to information security. In the survey study, 602 respondents were asked to evaluate one of 21 common threats to information security with regard to its position on each of the 20 threat-related items. An exploratory factor analysis was then conducted, and a six-factor structure modeling people’s perception of different threats to information security was derived. The relations between the factors and the perceived overall danger of threats were also tested by multiple regression analyses.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Berinato, S.: The Global State of Information Security 2005. CIO and PricewaterhouseCoopers (2005) (retrieved April 16, 2006), from http://www.csoonline.com/read/100105/survey.html
UNCTAD: Information Economy Report. United Nations Conference on Trade and Development (2005) (retrieved April 17, 2006), from http://www.unctad.org
Gonzalez, J.J., Sawicka, A.: A Framework for Human Factors in Information Security. In: ICIS 2002. The 2002 WSEAS International Conference on Information Security (2002)
Turner, D., Entwisle, S., Fossi, M., Blackbird, J., Mckinney, D.: Symantec Internet Security Threat Report - Trends for January 06 to June 06 (2006) (retrieved January 17, 2007), from http://www.symantec.com
Gorden, L.A., Loeb, M.P., Lucyshyn, W., Richardson, R.: 2006 CSI/FBI Computer Crime and Security Survey. Computer Security Institute (2006) (retrieved January 9, 2007), from http://www.gocsi.com
Schultz, E.E., Proctor, R.W., Lien, M.C., Salvendy, G.: Usability and security: an appraisal of usability issues in information security methods. Computers and Security 20(7), 620 (2001)
CNNIC: The Statistics Report of The Development of Internet in China. China Internet Network Information Center (2006) (retrieved April 17, 2006), from http://www.cnnic.net.cn/index/0E/00/11/index.htm
Hassel, L., Wiedenbeck, S.: Human Factors and Information Security, in College of Information Science and Technology. Drexel University (2004)
Salvendy, G.: Handbook of Human Factors and Ergonomics. Wiley-Interscience, Chichester (1997)
Cooper, D.: Psychology, risk & safety: understanding how personality & perception can influence risk taking. Professional Safety 48(11), 39–46 (2003)
NSTISSC: National Training Standard for Information Systems Security (Infosec) Professionals. National Security Telecommunications and Information Systems Security Committee (1994)
Whitman, M.E., Mattford, H.J.: Principles of Information Security. Thomson Learning (2004)
Musekura, J.B., Ekh, R.: Information Security Issues - Difference between Perception and Practice in Organizations. In Department of Business, Economics, Statistics and Informatics. Orebro University, Sweden (2004) (retrieved January 6, 2007), from http://www.oru.se/templates/oruExtNormal____19402.aspx
Whitman, M.E.: Enemy at the gate: Threats to information security. Communications of the ACM 46(8), 91–95 (2003)
Starr, C.: Social benefit versus technological risk. Science 165, 1232–1238 (1969)
Fischhoff, B., Slovic, P., Lichtenstein, S., Read, S., Cambs, B.: How safe is safe enough? A psychometric study of attitudes towards technological risks and benefits. Policy Sciences 9, 127–152 (1978)
Slovic, P., Fischhoff, B., Lichtenstein, S.: Facts and Fears - Understanding Risk. In: Schwing, R.C., Albers, W.A. (eds.) Societal Risk Assessment - How Safe is Safe Enough?, pp. 181–218. Plenum, New York (1980)
Slovic, P.: Perception of Risk. Science 236, 280–285 (1987)
Siegrist, M., Keller, C., Kiers, H.A.L.: A New Look at the Psychometric Paradigm of Perception of Hazards. Risk Analysis 25(1), 211–222 (2005)
Covello, V.T.: The perception of technological risks: a literature review. Tech. Forecasting Social Change 23, 285–297 (1983)
Covello, V.T.: Risk communication: An emerging area of health communication research. In: Deetz, S.(ed.) Communication Yearbook, 15 edn. (1992)
Covello, V.T., Merkhofer, M.W.: Risk Assessment Methods. Plenum Press, New York (1994)
Sjoeberg, L., Drottz-Sjoeberg, B.-M.: Knowledge and risk perception among nuclear power plant employees. Risk Analysis 11(4), 607 (1991)
Stainer, A., Stainer, L.: Young people’s risk perception of nuclear power - a European viewpoint. International Journal of Global Energy Issues 7(5-6), 261–270 (1995)
Setbon, M., Raude, J., Fischler, C., Flahault, A.: Risk perception of the mad cow disease in France: Determinants and consequences. Risk Analysis 25(4), 813–826 (2005)
Slovic, P., MacGregor, D., Kraus, N.N.: Peception of Risk from Automobile Safety Defects. Accident Analysis and Prevention 19(5), 359–373 (1987)
MacDonald, G.: Risk perception and construction safety. In: Proceedings of the Institution of Civil Engineers: Civil Engineering, vol. 159 (2 SPEC ISS), pp. 51–56 (2006)
Jackson, J., Allum, N., Gaskell, G.: Perceptions of Risk in Cyberspace. In: Mansell, R., Collins, B.S. (eds.) Trust and Crime in Information Societies, Edward Elgar, Northampton, MA (2005)
Vyskoc, J., Fibikova, L.: IT users’ perception of information security. In: 2nd Working Conference on Security and Control of Information Technology in Security 2001, Comenius Univ., Bratislava, Slovakia (2001)
Yenisey, M.M., Ozok, A.A., Salvendy, G.: Perceived security determinants in e-commerce among Turkish university students. Behaviour & Information Technology 24(4), 259–274 (2005)
Nunnally, J.C.: Psychometric Theory. McGraw-Hill, New York, NY (1978)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Huang, DL., Rau, PL.P., Salvendy, G. (2007). A Survey of Factors Influencing People’s Perception of Information Security. In: Jacko, J.A. (eds) Human-Computer Interaction. HCI Applications and Services. HCI 2007. Lecture Notes in Computer Science, vol 4553. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73111-5_100
Download citation
DOI: https://doi.org/10.1007/978-3-540-73111-5_100
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73109-2
Online ISBN: 978-3-540-73111-5
eBook Packages: Computer ScienceComputer Science (R0)