Litcius/Paper detail

Rushed to crack – On the perceived effectiveness of cybersecurity measures for secure behaviour under time pressure

Noman H. Chowdhury, Marc T. P. Adam, Timm Teubner

2022Behaviour and Information Technology13 citationsDOI

Abstract

Time pressure, a common phenomenon in everyday workplace environments, is an important driver for non-secure cybersecurity behaviour in organisations. Under time pressure, users are more likely to rely upon fast, affect-driven decision making, increasing their susceptibility to make mistakes and justify non-secure workarounds. This contributes to the role of human error in cybersecurity and counteracts cybersecurity measures (CSMs) designed to protect organisations from threats and vulnerabilities. In this study, we report results from an online survey (N = 207), investigating how users perceive the effectiveness of CSMs for facilitating secure behaviour under time pressure. Understanding how users perceive the effectiveness of CSMs is important to inform the design and implementation of such measures in practice. We find that perceived CSM effectiveness differs greatly across measures. Thereby, users’ appreciation of incident severity and the general level of time pressure in their daily lives emerge as important antecedents. We discuss theoretical and practical implications for the design and implementation of CSMs.

Topics & Concepts

WorkaroundComputer securityComputer scienceAffect (linguistics)Internet privacyPsychologyCommunicationProgramming languageInformation and Cyber SecurityCybercrime and Law Enforcement StudiesPrivacy, Security, and Data Protection