当前位置:
X-MOL 学术
›
Cyberpsychology, Behavior, and Social Networking
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Exploring Workers' Subjective Experiences of Habit Formation in Cybersecurity: A Qualitative Survey
Cyberpsychology, Behavior, and Social Networking ( IF 6.135 ) Pub Date : 2021-09-15 , DOI: 10.1089/cyber.2020.0631 Emily I.M. Collins 1 , Joanne Hinds 2
Cyberpsychology, Behavior, and Social Networking ( IF 6.135 ) Pub Date : 2021-09-15 , DOI: 10.1089/cyber.2020.0631 Emily I.M. Collins 1 , Joanne Hinds 2
Affiliation
Employee behaviors remain at the center of the cybersecurity of workplaces, despite the challenges they face in doing so. Time pressures and competing demands mean that users tend to rely on habitual behaviors that often run counter to good cybersecurity practice. One possible solution may be to encourage positive habit formation. Designing such interventions, however, relies on knowledge of the perception and experience of habit formation in the context of cybersecurity. To this end, a qualitative survey containing open-ended questions was completed by 195 participants (mean age = 35.51, 53 percent female) recruited via an online participant panel. Participants were asked what cybersecurity behaviors they perform at work and how they believe any habits were prompted, formed, and maintained. Thematic analysis identified three over-arching themes: (a) forming habits unavoidably or unconsciously (some were mandated, or formed without conscious awareness), (b) consciously cultivating habits (including the roles of intrinsic motivation and external prompts), and (c) social and organizational influences (including the influence of occupational culture, social modeling, previous experiences, and information gathering practices). Based on these findings, we present guidelines for supporting workplace cybersecurity habit formation reflecting these subjective experiences, namely introducing automatic solutions, facilitating external cues, fostering interest in cybersecurity issues among employees, creating a positive cybersecurity occupational culture and highlighting positive behavior, and providing access to accessible cybersecurity information to employees. These results constitute a first step in identifying how habits can be exploited for positive cybersecurity behavior change in a way that accounts for the reliance on habitual behaviors in busy, time-pressured workplaces.
中文翻译:
探索工人在网络安全习惯形成方面的主观体验:一项定性调查
员工行为仍然是工作场所网络安全的核心,尽管他们在这样做时面临挑战。时间压力和竞争需求意味着用户倾向于依赖习惯性行为,而这些行为往往与良好的网络安全实践背道而驰。一种可能的解决方案可能是鼓励积极的习惯养成。然而,设计此类干预措施依赖于对网络安全背景下习惯形成的感知和经验的了解。为此,通过在线参与者小组招募的 195 名参与者(平均年龄 = 35.51,53% 为女性)完成了一项包含开放式问题的定性调查。参与者被问及他们在工作中的网络安全行为,以及他们认为任何习惯是如何被促使、形成和保持的。专题分析确定了三个总体主题:不可避免地或无意识地形成习惯(有些是强制性的,或在没有意识的情况下形成的),(b)有意识地培养习惯(包括内在动机和外部提示的作用),以及(c)社会和组织的影响(包括职业文化、社会建模、以前的经验和信息收集实践的影响)。基于这些发现,我们提出了支持反映这些主观经验的工作场所网络安全习惯形成的指导方针,即引入自动解决方案、促进外部线索、培养员工对网络安全问题的兴趣、创造积极的网络安全职业文化和突出积极的行为,以及提供访问向员工提供可访问的网络安全信息。这些结果构成了确定如何利用习惯来改变积极的网络安全行为的第一步,这种方式解释了在繁忙、时间紧迫的工作场所中对习惯行为的依赖。
更新日期:2021-09-19
中文翻译:
探索工人在网络安全习惯形成方面的主观体验:一项定性调查
员工行为仍然是工作场所网络安全的核心,尽管他们在这样做时面临挑战。时间压力和竞争需求意味着用户倾向于依赖习惯性行为,而这些行为往往与良好的网络安全实践背道而驰。一种可能的解决方案可能是鼓励积极的习惯养成。然而,设计此类干预措施依赖于对网络安全背景下习惯形成的感知和经验的了解。为此,通过在线参与者小组招募的 195 名参与者(平均年龄 = 35.51,53% 为女性)完成了一项包含开放式问题的定性调查。参与者被问及他们在工作中的网络安全行为,以及他们认为任何习惯是如何被促使、形成和保持的。专题分析确定了三个总体主题:不可避免地或无意识地形成习惯(有些是强制性的,或在没有意识的情况下形成的),(b)有意识地培养习惯(包括内在动机和外部提示的作用),以及(c)社会和组织的影响(包括职业文化、社会建模、以前的经验和信息收集实践的影响)。基于这些发现,我们提出了支持反映这些主观经验的工作场所网络安全习惯形成的指导方针,即引入自动解决方案、促进外部线索、培养员工对网络安全问题的兴趣、创造积极的网络安全职业文化和突出积极的行为,以及提供访问向员工提供可访问的网络安全信息。这些结果构成了确定如何利用习惯来改变积极的网络安全行为的第一步,这种方式解释了在繁忙、时间紧迫的工作场所中对习惯行为的依赖。
京公网安备 11010802027423号