Rebecca LeFebvre
ABSTRACT
The internet was originally designed as an open system for trustworthy users, yet with its rapid growth rate, it has become vulnerable to cyber crime. Much research exists on promoting cyber security awareness among employees of businesses, but less exists on cyber security awareness in the general population. This paper focuses on the general student population at Kennesaw State University (KSU), examining how they are motivated to protect themselves from the threat of cyber crime. The study's framework draws on Roger's Protection Motivation Theory, making use of the five motivational factors: risk severity, vulnerability, self-efficacy, response efficacy, and response cost. Research methods used include observation of on-campus classes, interviews with instructors, and surveys of a random sampling of students. The results showed that feelings of vulnerability were significant indicators of motivation to take precautions when using social networks. The response cost, measured in time and money required to respond to social networking threats as well as computer virus threats, was a significant negative indicator of motivation for action.
- Bernard, H. R. 2006. Research Methods in Anthropology, 4th edition. AltaMira Press, Lanham, Maryland.Google Scholar
- Chen, C. C., Shaw, R. S., & Yang, S. C. 2006. Mitigating information security risks by increasing user security awareness: A case study of an information security awareness system. Information Technology Learning and Performance Journal, 24, 1.Google Scholar
- Cone, B. D., Irvine, C. E., Thompson, M. F., & Nguyen, T. D. 2007. A video game for cyber security training and awareness. Computers & Security, 26, 1, 63--72.Google ScholarDigital Library
- Gordon, L. A., Loeb, M. P., & Sohail, T. 2003. A framework for using insurance for cyber-risk management. Communications of the ACM, 46, 3, 81--85. Google ScholarDigital Library
- Gurung, A., Luo, X., & Liao, Q. 2009. Consumer motivations in taking action against spyware: An empirical investigation. Information Management & Computer Security, 1, 3, 276--289.Google ScholarCross Ref
- KSU Factbook. 2010. WWW document viewed 10/19/2011 from https://vic34.kennesaw.edu/fb/kenn_fact_book.pkg_fact_book_html.p_show_fact_book_page?p_year=2010&p_page_type=STU&p_page_id=120Google Scholar
- Logan, P. Y., & Clarkson, A. 2005. Teaching students to hack: Curriculum issues in information security. ACM SIGCSE Bulletin, 3, 1, 157--161. Google ScholarDigital Library
- Lorents, A. C., Maris, J. M., Morgan, J. N., & Neal, G. L. 2006. Ethics of computer use: A survey of student attitudes. Academy of Information and Management Sciences Journal, 9, 2.Google Scholar
- Miniwatts Marketing Group. Internet Usage Statistics: The Internet Big Picture. 2011. WWW document viewed 11/19/2011 from http://www.internetworldstats.com/stats.htm.Google Scholar
- Norman P, Boer H, Seydel E. R. 2005. Protection motivation theory. Predicting Health Behaviour. Open University Press, Berkshire, UK.Google Scholar
- Randazzo, M. R., Keeney, M., & Kowalski, E. 2005. Insider threat study: Illicit cyber activity in the banking and finance sector. Carnegie Mellon University Software Engineernig Institute Technical Report, Hanscom AFB, MA.Google Scholar
- Richardson, R. 2007. CSI computer crime and security survey. Computer Security Institute, 1--28.Google Scholar
- Siponen, M. T. 2001. Five dimensions of information security awareness. Computers and Society, 31, 2, 24--29. Google ScholarDigital Library
- Valentine, J. A. 2006. Enhancing the employee security awareness model. Computer Fraud & Security, 6, 17--19.Google ScholarCross Ref
- Whitman, M. E., and Mattord, H. J. 2010. The enemy is still at the gates: Threats to information security revisited. 2010 Information Security Curriculum Development Conference, 95--96. Google ScholarDigital Library
- Woodward, B., Davis, D. C., & Hodis, F. A. 2007. The relationship between ethical decision making and ethical reasoning in information technology students. Journal of Information Systems Education, 18, 2, 10.Google Scholar
Index Terms
- The human element in cyber security: a study on student motivation to act
Recommendations
What is 'Cyber Security'?: Differential Language of Cyber Security Across the Lifespan
CHI EA '19: Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing SystemsPeople experience and understand cyber security differently. Our ongoing work aims to address the fundamental challenge of how we can understand a diverse range of cyber security experiences, attitudes and behaviours in order to design better, more ...
Government regulations in cyber security: Framework, standards and recommendations
AbstractCyber security refers to the protection of Internet-connected systems, such as hardware, software as well as data (information) from cyber attacks (adversaries). A cyber security regulation is needed in order to protect information ...
Highlights- We list and discuss the cyber attacks, security requirements and measures. We then discuss the cyber security incident management framework and its various ...
A proposed cyber threat incident handling framework for schools in South Africa
SAICSIT '12: Proceedings of the South African Institute for Computer Scientists and Information Technologists ConferenceIn South Africa, there is a lack of structure or guidance for schools on how to deal with cyber threats. There are no clear procedures that are consistently followed by schools, governing boards and educators, and the cyber threat process is not widely ...
Comments