Identifying and predicting the factors affecting end-users' risk-taking behavior. (9th July 2018)
- Record Type:
- Journal Article
- Title:
- Identifying and predicting the factors affecting end-users' risk-taking behavior. (9th July 2018)
- Main Title:
- Identifying and predicting the factors affecting end-users' risk-taking behavior
- Authors:
- Alohali, Manal
Clarke, Nathan
Li, Fudong
Furnell, Steven - Abstract:
- Abstract : Purpose: The end-user has frequently been identified as the weakest link; however, motivated by the fact that different users react differently to the same stimuli, identifying the reasons behind variations in security behavior and why certain users could be "at risk" more than others is a step toward protecting and defending users against security attacks. This paper aims to explore the effect of personality trait variations (through the Big Five Inventory [BFI]) on users' risk level of their intended security behaviors. In addition, age, gender, service usage and information technology (IT) proficiency are analyzed to identify what role and impact they have on behavior. Design/methodology/approach: The authors developed a quantitative-oriented survey that was implemented online. The bi-variate Pearson two-tailed correlation was used to analyze survey responses. Findings: The results obtained by analyzing 538 survey responses suggest that personality traits do play a significant role in affecting users' security behavior risk levels. Furthermore, the results suggest that BFI score of a trait has a significant effect as users' online personality is linked to their offline personality, especially in the conscientiousness personality trait. Additionally, this effect was stronger when personality was correlated with the factors of IT proficiency, gender, age and online activity. Originality/value: The contributions of this paper are two-fold. First, with the aid of aAbstract : Purpose: The end-user has frequently been identified as the weakest link; however, motivated by the fact that different users react differently to the same stimuli, identifying the reasons behind variations in security behavior and why certain users could be "at risk" more than others is a step toward protecting and defending users against security attacks. This paper aims to explore the effect of personality trait variations (through the Big Five Inventory [BFI]) on users' risk level of their intended security behaviors. In addition, age, gender, service usage and information technology (IT) proficiency are analyzed to identify what role and impact they have on behavior. Design/methodology/approach: The authors developed a quantitative-oriented survey that was implemented online. The bi-variate Pearson two-tailed correlation was used to analyze survey responses. Findings: The results obtained by analyzing 538 survey responses suggest that personality traits do play a significant role in affecting users' security behavior risk levels. Furthermore, the results suggest that BFI score of a trait has a significant effect as users' online personality is linked to their offline personality, especially in the conscientiousness personality trait. Additionally, this effect was stronger when personality was correlated with the factors of IT proficiency, gender, age and online activity. Originality/value: The contributions of this paper are two-fold. First, with the aid of a large population sample, end-users' security practice is assessed from multiple domains, and relationships were found between end-users' risk-taking behavior and nine user-centric factors. Second, based upon these findings, the predictive ability for these user-centric factors were evaluated to determine the level of risk a user is subject to from an individual behavior perspective. Of 28 behaviors, 11 were found to have a 60 per cent or greater predictive ability, with the highest classification of 92 per cent for several behaviors. This provides a basis for organizations to use behavioral intent alongside personality traits and demographics to understand and, therefore, manage the human aspects of risk. … (more)
- Is Part Of:
- Information and computer security. Volume 26:Number 3(2018)
- Journal:
- Information and computer security
- Issue:
- Volume 26:Number 3(2018)
- Issue Display:
- Volume 26, Issue 3 (2018)
- Year:
- 2018
- Volume:
- 26
- Issue:
- 3
- Issue Sort Value:
- 2018-0026-0003-0000
- Page Start:
- 306
- Page End:
- 326
- Publication Date:
- 2018-07-09
- Subjects:
- Risk analysis -- Information security modelling
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-03-2018-0037 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 7156.xml