Högskolan i Skövde

his.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Context-Based Micro-Training: Enhancing cybersecurity training for end-users
University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment. (Informationssystem (IS), Information Systems)ORCID iD: 0000-0003-2084-9119
2022 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

This research addresses the human aspect of cybersecurity by developing a method for cybersecurity training of end-users. The reason for addressing that area is that human behaviour is widely regarded as one of the most used attack vectors. Exploiting human behaviour through various social engineering techniques, password guessing, and more is a common practice for attackers. Reports even suggest that human behaviour is exploited in 95% of all cybersecurity attacks. 

Human behaviour with regard to cybersecurity has been long discussed in the research. It is commonly suggested that users need support to behave securely. Training is often suggested as the way to improve user behaviour, and there are several different training methods available. The available training methods include instructor-led training, game-based training, eLearning, etc. However, even with the diversity of existing training methods, the effectiveness of such training has been questioned by recent research. Research suggests that existing training does not facilitate knowledge retention and user participation to a high enough degree.    

This research aims to address the problems with current training practices by developing a new method for cybersecurity training of end-users. The research used a design science (DS) approach to develop the new method in three increasingly complex design cycles. Principles for cybersecurity training were developed based on previous research and the Technology Acceptance Model and made the theoretical foundation of the reserach. The result is a theoretically grounded method for cybersecurity training that outlines goals and guidelines for how such training should be implemented. It has been evaluated in several steps with more than 1800 survey participants and 300 participants in various experiments. The evaluations have shown that it can both support users towards secure behaviour and be appreciated by its users.  

The main contribution of this research is the method for cybersecurity training, Context-Based Micro-Training (CBMT). CBMT is a theoretical contribution that describes good practices for cybersecurity training for end-users. Practitioners can adopt it as a guide on how to implement such training or to support procurement decisions. The research also shows the importance of integrating usability into the development of security practices. Users must positively receive both training and the guidelines imposed by training since positive user perception increases user adoption. Finally, the research shows that following security guidelines is difficult. While training is essential, this research suggests that training alone is not enough, and future research should consider the interplay between training and other support mechanisms.

Abstract [sv]

Denna forskning adresserar mänskliga aspekter på cybersäkerhet genom att utveckla en metod för cybersäkerhetsträning av användare. Forskningen motiveras med att användarbeteende anses vara en av de attackvektorer som angripare oftast använder. Att använda social manipulation, gissa lösenord och liknande för att utnyttja mänskligt beteende är vanligt. Vissa rapporter hävdar till och med att mänskligt beteende utnyttjas i 95% av alla cyberattacker.

Användarbeteende relaterat till cybersäkerhet har diskuterats i forskningen under lång tid. Det beskrivs ofta att användare behöver stöd för att agera säkert och träning föreslås ofta som sättet för att förbättra användarbeteenden. Det finns flera olika träningsmetoder att tillgå, bland annat lärarledd träning, spelbaserad träning och eLearning. Trots att det finns en mångfald av träningsmetoder har effektiviteten hos dessa metoder blivit ifrågasatt i samtida forskning. Forskning visar att existerande träningsmetoder inte ger tillräckligt bestående kunskap eller har tillräckligt hög användningsgrad.

Målet med denna forskning är att adressera problemen med existerande metoder för cybersäkerhetsträning genom att utveckla en ny metod för cybersäkerhetsträning av användare. Designbaserad forskning tillämpades för att utveckla den nya metoden i tre allt mer komplexa designcykler. Principer för cybersäkerhetsträning utvecklades baserat på tidigare forskning och teorin Technology Acceptance Model. Dessa principer utgjorde startpunkten för denna forskning. Resultatet är en teoretisk grundad metod för cybersäkerhetsträning vilken beskriver mål och riktlinjer för hur träning kan implementeras. Metoden har utvärderats i flera steg med fler än 1800 enkätdeltagare och 300 deltagare i olika experiment. Utvärderingarna visar att metoden kan stödja användare att agera säkert och att metoden uppskattas av användare.

Det huvudsakliga bidraget från denna forskning är metoden för säkerhetsträning, KontextBaserad MikroTräning (CBMT). CBMT är ett teoretiskt bidrag som beskriver mål och riktlinjer för säkerhetsträning av användare. Yrkesverksamma kan använda metoden som en guide för implementation av säkerhetsträning eller som ett stöd vid upphandling av säkerhetsträning. Forskningen visar också att det är viktigt att integrera användbarhet i utvecklingen av säkerhetsrutiner. När användare är positiva till träning, och de rutiner träningen förmedlar, ökar sannolikheten att användarna tillämpar rutinerna. Avslutningsvis påvisar forskningen att det är svårt för användare att följa säkerhetsråd. Även om träning är avgörande föreslår denna forskning att träning i sig inte är tillräckligt. Framtida forskning behöver studera samspelet mellan träning och andra stödfunktioner för användare.

Place, publisher, year, edition, pages
Skövde: University of Skövde , 2022. , p. 139
Series
Dissertation Series ; 45
Keywords [en]
cybersecurity, training, usable, security, user, education, awareness
National Category
Computer Systems Information Systems
Research subject
Information Systems
Identifiers
URN: urn:nbn:se:his:diva-21819ISBN: 978-91-984919-9-9 (print)OAI: oai:DiVA.org:his-21819DiVA, id: diva2:1696210
Public defence
2022-10-17, Assar Industrial Innovation Arena, Kavelbrovägen 2B, Skövde, 13:15 (English)
Opponent
Supervisors
Available from: 2022-09-20 Created: 2022-09-15 Last updated: 2022-09-20Bibliographically approved
List of papers
1. Online Fraud Defence by Context Based Micro Training
Open this publication in new window or tab >>Online Fraud Defence by Context Based Micro Training
2015 (English)In: Proceedings of the Ninth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015) / [ed] Steven M. Furnell; Nathan L. Clarke, University of Plymouth Press, 2015, p. 256-264Conference paper, Published paper (Refereed)
Abstract [en]

Online frauds are a category of Internet crime that has been increasing globally over the past years. Online fraudsters use a lot of different arenas and methods to commit their crimes and that is making defence against online fraudsters a difficult task. Today we see continuous warnings in the daily press and both researchers and governmental web-pages propose that Internet users gather knowledge about online frauds in order to avoid victimisation. In this paper we suggest a framework for presenting this knowledge to the Internet users when they are about to enter a situation where they need it. We provide an evaluation of the framework that indicates that it can both make users less prone to fraudulent ads and more trusting towards legitimate ads. This is done with a survey containing 117 participants over two groups where the participants were asked to rate the trustworthiness of fraudulent and legitimate ads.. One groups used the framework before the rating and the other group did not. The results showed that, in our study, the participants using the framework put less trust in fraudulent ads and more trust in legitimate ads. 

Place, publisher, year, edition, pages
University of Plymouth Press, 2015
Keywords
Online fraud, fraud defence, awareness, micro training
National Category
Computer and Information Sciences
Research subject
Technology; Information Systems
Identifiers
urn:nbn:se:his:diva-11643 (URN)2-s2.0-85026411720 (Scopus ID)9781841023885 (ISBN)
Conference
Ninth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015), Lesvos, Greece, 1 July 2015 through 3 July 2015
Funder
.SE (The Internet Infrastructure Foundation)
Available from: 2015-10-30 Created: 2015-10-30 Last updated: 2024-04-11Bibliographically approved
2. Users perception of using CBMT for informationsecurity training
Open this publication in new window or tab >>Users perception of using CBMT for informationsecurity training
2019 (English)In: Proceedings of the Thirteenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019) / [ed] Steven M. Furnell; Nathan L. Clarke, University of Plymouth Press, 2019, p. 122-131Conference paper, Published paper (Refereed)
Abstract [en]

It is well established that user behavior is a crucial aspect of information security and archivingsecure behavior through awareness and security training is the go-to solution proposed bypractitioners as well as the research community. Thus, there is a dire need for efficient trainingmethods for use in the security domain. This paper introduces ContextBased MicroTraining(CBMT), a framework for information security training that dictated that information securitytraining should be delivered to end users in short-sequences when the users are in a situationwhere the training is needed. Further, the users' perception of CBMT in evaluated in an onlinesurvey where about 200 respondents are subjected to training material and asked about how theyperceived them. The results show that users like the training material designed according to theCBMT framework and would prefer to use CBMT over other traditional methods of informationsecurity training.

Place, publisher, year, edition, pages
University of Plymouth Press, 2019
Keywords
information security, training, learning, user behavior, micro training, ContextBased MicroTraining, CBMT
National Category
Computer Sciences
Research subject
INF301 Data Science; Information Systems
Identifiers
urn:nbn:se:his:diva-17454 (URN)978-0-244-19096-5 (ISBN)
Conference
Human Aspects of Information Security & Assurance (HAISA 2019) International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019), Nicosia, Cyprus, July 15-17, 201
Available from: 2019-07-18 Created: 2019-07-18 Last updated: 2022-12-29Bibliographically approved
3. Using Context Based MicroTraining to Develop OER for the Benefit of All
Open this publication in new window or tab >>Using Context Based MicroTraining to Develop OER for the Benefit of All
2019 (English)In: Proceedings of the 15th International Symposium on Open Collaboration, OpenSym 2019, 20-22 August 2019, Skövde, Sweden, New York: ACM Digital Library, 2019, article id A7Conference paper, Published paper (Refereed)
Abstract [en]

This paper demonstrates how Context Based MicroTraining (CBMT) can be used to develop open educational resources in a way that benefits students enrolled in university courses as well as anyone who wants to participate in open-learning activities. CBMT is a framework that provides guidelines for how educational resources should be structured. CBMT stipulates that information should be presented in short sequences and that is relevant for the learner’s current situation. In this paper, CBMT is implemented in a practical ICT course using video lectures that are delivered as open educational resources using YouTube. The experiences of enrolled students as well as YouTube users are evaluated as well as the actual results of the enrolled students. The results of the study suggest that users of the video lectures appreciate the learning approach. The actual results, i.e. learning outcomes, of the enrolled students are maintained. The study also demonstrates how using CBMT as open educational resources can free up time for teachers and increase the quality of teaching by benefitting from community feedback.

Place, publisher, year, edition, pages
New York: ACM Digital Library, 2019
Keywords
Open-learning, OER, Context Based MicroTraining, ondemand learning, higher education, nanolearning
National Category
Other Engineering and Technologies
Research subject
Information Systems
Identifiers
urn:nbn:se:his:diva-17636 (URN)10.1145/3306446.3340814 (DOI)000632588700007 ()2-s2.0-85073156418 (Scopus ID)978-1-4503-6319-8 (ISBN)
Conference
15th International Symposium on Open Collaboration, OpenSym 2019, 20-22 August 2019, Skövde, Sweden
Available from: 2019-09-03 Created: 2019-09-03 Last updated: 2022-12-29Bibliographically approved
4. Assisting Users to Create Stronger Passwords Using ContextBased MicroTraining
Open this publication in new window or tab >>Assisting Users to Create Stronger Passwords Using ContextBased MicroTraining
2020 (English)In: ICT Systems Security and Privacy Protection: 35th IFIP TC 11 International Conference, SEC 2020, Maribor, Slovenia, September 21–23, 2020, Proceedings / [ed] Marko Hölbl, Kai Rannenberg, Tatjana Welzer, Cham: Springer, 2020, p. 95-108Conference paper, Published paper (Refereed)
Abstract [en]

In this paper, we describe and evaluate how the learning framework ContextBased MicroTraining (CBMT) can be used to assist users to create strong passwords. Rather than a technical enforcing measure, CBMT is a framework that provides information security training to users when they are in a situation where the training is directly relevant. The study is carried out in two steps. First, a survey is used to measure how well users understand password guidelines that are presented in different ways. The second part measures how using CBMT to present password guidelines affect the strength of the passwords created. This experiment was carried out by implementing CBMT at the account registration page of a local internet service provider and observing the results on user-created passwords. The results of the study show that users presented with passwords creation guidelines using a CBMT learning module do understand the password creation guidelines to a higher degree than other users. Further, the experiment shows that users presented with password guidelines in the form of a CBMT learning module do create passwords that are longer and more secure than other users. The assessment of password security was performed using the zxcvbn tool, developed by Dropbox, that measures password entropy.

Place, publisher, year, edition, pages
Cham: Springer, 2020
Series
IFIP Advances in Information and Communication Technolog, ISSN 1868-4238, E-ISSN 1868-422X ; 580
Keywords
Security training Passwords, ContextBased MicroTraining, CBMT
National Category
Information Systems
Research subject
INF303 Information Security; Information Systems
Identifiers
urn:nbn:se:his:diva-19119 (URN)10.1007/978-3-030-58201-2_7 (DOI)2-s2.0-85092101429 (Scopus ID)978-3-030-58200-5 (ISBN)978-3-030-58201-2 (ISBN)
Conference
35th IFIP TC 11 International Conference, SEC 2020, Maribor, Slovenia, September 21–23, 2020
Available from: 2020-09-29 Created: 2020-09-29 Last updated: 2022-09-16Bibliographically approved
5. Can Johnny actually like security training?
Open this publication in new window or tab >>Can Johnny actually like security training?
2020 (English)In: Proceedings of the 6th International Workshop on Socio-Technical Perspective in IS Development (STPIS 2020): Virtual conference in Grenoble, France, June 8-9, 2020 / [ed] Peter Bednar, Alexander Nolte, Mikko Rajanen, Helena Vallo Hult, Anna Sigridur Islind, Federico Pigni, CEUR-WS , 2020, p. 76-83Conference paper, Published paper (Refereed)
Abstract [en]

Information security is a socio-technical property where a lot of traditional efforts has been placed in the technical domain. Security has been seen as a technical challenge and the solutions has been technical. However, it is well known that human behavior plays a key role in information security and the user is often seen as the weakest link in the security chain. As such, information security is a socio-technical property where the social, or human side needs increased attention. Security training is commonly suggested as the way to improve user behavior but the effects of various training efforts is also under-researched. This paper demonstrates how ContextBased MicroTraining (CBMT) can be implemented and performs a usability evaluation of that implementation. CBMT is a method for information security training which has been developed over years of research. The paper demonstrates that the CBMT method can aid in the development of highly usable security training. The paper also emphasizes the need for user centered design in development of security software intended for end-users. 

Place, publisher, year, edition, pages
CEUR-WS, 2020
Series
CEUR Workshop Proceedings, ISSN 1613-0073 ; 2789
Keywords
CBMT, ContextBased MicroTraining, Usability, Usable security, Security training
National Category
Information Systems
Research subject
INF303 Information Security; Information Systems
Identifiers
urn:nbn:se:his:diva-19357 (URN)2-s2.0-85099414436 (Scopus ID)
Conference
6th International Workshop on Socio-Technical Perspective in IS development, virtual conference in Grenoble, France, June 8-9, 2020
Projects
Utveckling av beslutsstöd för användare i riskfyllda situationer online
Funder
The Swedish Post and Telecom Authority (PTS), 19-10617
Note

CC BY 4.0

Available from: 2020-12-29 Created: 2020-12-29 Last updated: 2022-09-16Bibliographically approved
6. ContextBased MicroTraining: A Framework for Information Security Training
Open this publication in new window or tab >>ContextBased MicroTraining: A Framework for Information Security Training
2020 (English)In: Human Aspects of Information Security and Assurance: 14th IFIP WG 11.12 International Symposium, HAISA 2020, Mytilene, Lesbos, Greece, July 8–10, 2020, Proceedings / [ed] Nathan Clarke, Steven Furnell, Cham: Springer, 2020, p. 71-81Conference paper, Published paper (Refereed)
Abstract [en]

This paper address the emergent need for training measures designed to improve user behavior in regards to security. We do this by proposing a framework for information security training that has been developed for several years and over several projects. The result is the framework ContextBased MicroTraining (CBMT) which provides goals and guidelines for how to better implement information security training that supports the user in the situation where the user needs support. CBMT has been developed and tested for use in higher education as well as for the support of users during passwords creation. This paper presents version 1.0 of the framework with the latest renements.

Place, publisher, year, edition, pages
Cham: Springer, 2020
Series
IFIP Advances in Information and Communication Technology, ISSN 1868-4238, E-ISSN 1868-422X ; 593
Keywords
Security training, awareness, ContextBasedMicroTraining, information security
National Category
Computer and Information Sciences
Research subject
INF303 Information Security; Information Systems
Identifiers
urn:nbn:se:his:diva-18953 (URN)10.1007/978-3-030-57404-8_6 (DOI)2-s2.0-85098174068 (Scopus ID)978-3-030-57403-1 (ISBN)978-3-030-57404-8 (ISBN)
Conference
14th IFIP WG 11.12 International Symposium, HAISA 2020, Mytilene, Lesbos, Greece, July 8–10, 2020
Available from: 2020-08-27 Created: 2020-08-27 Last updated: 2022-09-16Bibliographically approved
7. Constructing secure and memorable passwords
Open this publication in new window or tab >>Constructing secure and memorable passwords
2020 (English)In: Information and Computer Security, E-ISSN 2056-4961, Vol. 28, no 5, p. 701-717Article in journal (Refereed) Published
Abstract [en]

Purpose Using authentication to secure data and accounts has grown to be a natural part of computing. Even if several authentication methods are in existence, using passwords remain the most common type of authentication. As long and complex passwords are encouraged by research studies and practitioners alike, computer users design passwords using strategies that enable them to remember their passwords. This paper aims to find strategies that allow for the generation of passwords that are both memorable and computationally secure. Design/methodology/approach The study began with a literature review that was used to identify cognitive password creation strategies that facilitate the creation of passwords that are easy to remember. Using an action-based approach, attack models were created for the resulting creation strategies. The attack models were then used to calculate the entropy for passwords created with different strategies and related to a theoretical cracking time. Findings The result of this study suggests that using phrases with four or more words as passwords will generate passwords that are easy to remember and hard to attack. Originality/value This paper considers passwords from a socio-technical approach and provides insight into how passwords that are easy to remember and hard to crack can be generated. The results can be directly used to create password guidelines and training material that enables users to create usable and secure passwords.

Place, publisher, year, edition, pages
Emerald Group Publishing Limited, 2020
Keywords
Passwords, Security, Usability, Computer users, Memorability, Strategies, Computer security
National Category
Computer Sciences
Research subject
Information Systems
Identifiers
urn:nbn:se:his:diva-18852 (URN)10.1108/ICS-07-2019-0077 (DOI)000544364100001 ()2-s2.0-85086738920 (Scopus ID)
Available from: 2020-07-20 Created: 2020-07-20 Last updated: 2022-12-28Bibliographically approved
8. Evaluation Strategies for Cybersecurity Training Methods: A Literature Review
Open this publication in new window or tab >>Evaluation Strategies for Cybersecurity Training Methods: A Literature Review
2021 (English)In: Human Aspects of Information Security and Assurance: 15th IFIP WG 11.12 International Symposium, HAISA 2021, Virtual Event, July 7–9, 2021, Proceedings / [ed] Steven Furnell; Nathan Clarke, Cham: Springer, 2021, p. 102-112Conference paper, Published paper (Refereed)
Abstract [en]

The human aspect of cybersecurity continues to present challenges to researchers and practitioners worldwide. While measures are being taken to improve the situation, a vast majority of security incidents can be attributed to user behavior. Security and Awareness Training (SAT) has been available for several decades and is commonly given as a suggestion for improving the cybersecurity behavior of end-users. However, attackers continue to exploit the human factor suggesting that current SAT methods are not enough. Researchers argue that providing knowledge alone is not enough, and some researchers suggest that many currently used SAT methods are, in fact, not empirically evaluated. This paper aims to examine how SAT has been evaluated in recent research using a structured literature review. The result is an overview of evaluation methods which describes what results that can be obtained using them. The study further suggests that SAT methods should be evaluated using a variety of methods since different methods will inevitably provide different results. The presented results can be used as a guide for future research projects seeking to develop or evaluate methods for SAT.

Place, publisher, year, edition, pages
Cham: Springer, 2021
Series
IFIP Advances in Information and Communication Technology, ISSN 1868-4238, E-ISSN 1868-422X ; 613
Keywords
Security, Evaluation, Methods, Awareness, Training, User
National Category
Information Systems
Research subject
INF303 Information Security; Information Systems
Identifiers
urn:nbn:se:his:diva-20474 (URN)10.1007/978-3-030-81111-2_9 (DOI)000763607200009 ()2-s2.0-85112344609 (Scopus ID)978-3-030-81111-2 (ISBN)978-3-030-81110-5 (ISBN)978-3-030-81113-6 (ISBN)
Conference
15th IFIP WG 11.12 International Symposium on Human Aspects of Information Security and Assurance, HAISA 2021, Virtual Event, July 7–9, 2021
Available from: 2021-08-17 Created: 2021-08-17 Last updated: 2022-09-16Bibliographically approved
9. Evaluation of Contextual and Game-Based Training for Phishing Detection
Open this publication in new window or tab >>Evaluation of Contextual and Game-Based Training for Phishing Detection
Show others...
2022 (English)In: Future Internet, E-ISSN 1999-5903, Vol. 14, no 4Article in journal (Refereed) Published
Abstract [en]

Cybersecurity is a pressing matter, and a lot of the responsibility for cybersecurity is put on the individual user. The individual user is expected to engage in secure behavior by selecting good passwords, identifying malicious emails, and more. Typical support for users comes from Information Security Awareness Training (ISAT), which makes the effectiveness of ISAT a key cybersecurity issue. This paper presents an evaluation of how two promising methods for ISAT support users in acheiving secure behavior using a simulated experiment with 41 participants. The methods were game-based training, where users learn by playing a game, and Context-Based Micro-Training (CBMT), where users are presented with short information in a situation where the information is of direct relevance. Participants were asked to identify phishing emails while their behavior was monitored using eye-tracking technique. The research shows that both training methods can support users towards secure behavior and that CBMT does so to a higher degree than game-based training. The research further shows that most participants were susceptible to phishing, even after training, which suggests that training alone is insufficient to make users behave securely. Consequently, future research ideas, where training is combined with other support systems, are proposed

Place, publisher, year, edition, pages
MDPI, 2022
Keywords
usable security, cybersecurity training, ISAT, SETA, phishing, user awareness, security behavior
National Category
Computer Sciences
Research subject
Information Systems; Interaction Lab (ILAB); INF303 Information Security
Identifiers
urn:nbn:se:his:diva-21026 (URN)10.3390/fi14040104 (DOI)000786358900001 ()2-s2.0-85128214429 (Scopus ID)
Projects
Utveckling av beslutsstöd för användare i riskfyllda situationer online
Funder
The Swedish Post and Telecom Authority (PTS), 19-10617
Note

CC BY 4.0

Published: 25 March 2022

Correspondence: joakim.kavrestad@his.se

Available from: 2022-04-05 Created: 2022-04-05 Last updated: 2023-08-03Bibliographically approved
10. What Parts of Usable Security Are Most Important to Users?
Open this publication in new window or tab >>What Parts of Usable Security Are Most Important to Users?
2021 (English)In: Information Security Education for Cyber Resilience: 14th IFIP WG 11.8 World Conference, WISE 2021, Virtual Event, June 22–24, 2021, Proceedings / [ed] Lynette Drevin; Natalia Miloslavskaya; Wai Sze Leung; Suné von Solms, Cham: Springer, 2021, p. 126-139Conference paper, Published paper (Refereed)
Abstract [en]

The importance of the human aspects of cybersecurity cannot be overstated in light of the many cybersecurity incidents stemming from insecure user behavior. Users are supposed to engage in secure behavior by use of security features or procedures but those struggle to get widespread use and one hindering factor is usability. While several previous papers studied various usability factors in the cybersecurity domain, a common understanding of usable security is missing. Further, usability covers a large range of aspects and understanding what aspects users prioritize is integral for development of truly usable security features. This paper builds on previous work and investigates what usability factors users prioritize and what demographic factors that affects the perception of usability factors. This is done through a survey answered by 1452 respondents from Sweden, Italy and UK. The results show that users prefer security functions to minimize resource consumption in terms of cost, device performance and time. The study further demonstrate that users want security functions to require as little effort as possible and just work. Further, the study determines that nation of residence and IT-competence greatly impacts the perception of usability for security functions while gender and age does so to a much lesser extent.

Place, publisher, year, edition, pages
Cham: Springer, 2021
Series
IFIP Advances in Information and Communication Technology, ISSN 1868-4238, E-ISSN 1868-422X ; 615
Keywords
Usability, Usable security, Cyber security, Human, User, Perception
National Category
Information Systems
Research subject
INF303 Information Security; Information Systems
Identifiers
urn:nbn:se:his:diva-20476 (URN)10.1007/978-3-030-80865-5_9 (DOI)000708200300009 ()2-s2.0-85112036874 (Scopus ID)978-3-030-80865-5 (ISBN)978-3-030-80864-8 (ISBN)978-3-030-80867-9 (ISBN)
Conference
14th IFIP WG 11.8 World Conference on Information Security Education, WISE 2021, Virtual Event, June 22–24, 2021
Available from: 2021-08-17 Created: 2021-08-17 Last updated: 2022-09-16Bibliographically approved

Open Access in DiVA

fulltext(8784 kB)1053 downloads
File information
File name FULLTEXT01.pdfFile size 8784 kBChecksum SHA-512
daaba5d6fd21387a0523d0d95d55c708f7cf2e537befc65fcfae2bda355845c11a183070cf6c82b2c64f4068e1774a2adb8a96d18385c827f3392612fe1b04fc
Type fulltextMimetype application/pdf

Authority records

Kävrestad, Joakim

Search in DiVA

By author/editor
Kävrestad, Joakim
By organisation
School of InformaticsInformatics Research Environment
Computer SystemsInformation Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 1054 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 1851 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf