research-article

Security on Autopilot: Why Current Security Theories Hijack our Thinking and Lead Us Astray

Authors:

Alan R. Dennis,

Randall K. MinasAuthors Info & Claims

ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Volume 49, Issue SI

Pages 15 - 38

https://doi.org/10.1145/3210530.3210533

Published: 25 April 2018 Publication History

Abstract

Most current information systems security theories assume a rational actor making deliberate decisions, yet recent research in psychology suggests that such deliberate thinking is not as common as we would expect. Much of human behavior is controlled by nonconscious automatic cognition (called System 1 cognition). The deliberate rational cognition of System 2 is triggered when System 1 detects something that is not normal; otherwise we often operate on autopilot. When we do engage System 2 cognition, it is influenced by the System 1 cognition that preceded it. In this paper we present an alternative theoretical approach to information security that is based on the nonconscious automatic cognition of System 1. In a System 1 world, cognition is a sub-second process of pattern-matching a stimulus to an existing person-context heuristic. These person-context heuristics are influenced by personality characteristics and a lifetime of experiences in the context. Thus System 1 theories are closely tied to individuals and the specific security context of interest. Methods to improve security compliance take on a very new form; the traditional approaches to security education and training that provide guidelines and ways to think about security have no effect when behavior is controlled by System 1, because System 1 cognition is instant pattern matching not deliberative. Thus in a System 1 world, we improve security by changing the heuristics used by System 1's pattern matching and/or by changing what System 1 sees as "normal" so that it triggers the deliberate cognition of System 2. In this article, we examine System 1 and System 2 cognition, while calling for increased research to develop theories of System 1 cognition in the cybersecurity literature.

References

[1]

Achtziger, A.,&Alós-Ferrer, C. (2013). Fast or rational? A response-times study of bayesian updating. Management Science, 60(4), 923--938.

Digital Library

[2]

Anderson, C. L.,&Agarwal, R. (2010). Practicing safe computing: A multimedia empirical examination of home computer user security behavioral intentions. MIS Quarterly, 34(3), 613--643.

[3]

Ariely, D. (2009). Predictably irrational. New York: HarperCollins.

[4]

Bago, B.,&De Neys, W. (2017). Fast logic: Examining the time course assumption of dual process theory. Cognition, 158, 90--109.

[5]

Bargh, J. A.,&Chartrand, T. L. (1999). The unbearable automaticity of being. American Psychologist, 54(7), 462.

[6]

Bargh, J. A.,&Chartrand, T. L. (2000). Studying the mind in the middle: A practical guide to priming and automaticity research. In H. Reis&C. Judd (Eds.), Handbook of research methods in social psychology. New York: Cambridge University.

[7]

Bargh, J. A., Chen, M.,&Burrows, L. (1996). Automaticity of social behavior: Direct effects of trait construct and stereotype activation on action. Journal of Personality and Social Psychology, 71(2), 230--244.

[8]

Bargh, J. A.,&Ferguson, M. J. (2000). Beyond behaviorism: On the automaticity of higher mental processes. Psychological Bulletin, 126(6), 925.

[9]

Bargh, J. A.,&Morsella, E. (2008). The unconscious mind. Perspectives on Psychological Science, 3(1), 73--79.

[10]

Barrick, M. R.,&Mount, M. K. (1991). The big five personality dimensions and job performance: A meta-analysis. Personnel Psychology, 44(1), 1--26.

[11]

Bellini-Leite, S. d. C. (2013). The embodied embedded character of system 1 processing. Mens Sana Monographs, 11(1), 239--252.

[12]

Benedetto, D. M., Kumaran, D., Seymour, B.,&Dolan, R. J. (2006). Frames, biases, and rational decision-making in the human brain. Science, 313(684), 684--687.

[13]

Bono, J. E.,&Judge, T. A. (2004). Personality and transformational and transactional leadership: A meta-analysis. Journal of Applied Psychology, 89(5), 901--910.

[14]

Boss, S. R., Galletta, D. F., Lowry, P. B., Moody, G. D.,&Polak, P. (2015). What do systems users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors. MIS Quarterly, 39(4), 837--864.

Digital Library

[15]

Bulgurcu, B., Cavusoglu, H.,&Benbasat, I. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523--548.

[16]

Carlston, D. E.,&Skowronski, J. J. (1994). Savings in the relearning of trait information as evidence for spontaneous inference generation. Journal of Personality and Social Psychology, 66(5), 840.

[17]

Chao, G. T.,&Moon, H. (2005). The cultural mosaic: A metatheory for understanding the complexity of culture. Journal of Applied Psychology, 90(6), 1128.

[18]

Chatterjee, S., Sarker, S.,&Valacich, J. S. (2015). The behavioral roots of information systems security: Exploring key factors related to unethical IT use. Journal of Management Information Systems, 31(4), 49--87.

[19]

Chen, M.,&Bargh, J. A. (1999). Consequences of automatic evaluation: Immediate behavioral predispositions to approach or avoid the stimulus. Personality and Social Psychology Bulletin, 25(2), 215--224.

[20]

Chiang, L.,&Lee, B. (2011). Ethical attitude and behaviors regarding computer use. Ethics&Behavior, 21(6), 481--497.

[21]

Cho, J., Hasan, C.,&Oltramari, A. (2016). Effect of personality traits on trust and risk to phishing vulnerability: Modeling and analysis. IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA). New York: IEEE.

[22]

Costa, P. T., McCrae, R. R.,&Dye, D. A. (1991). Facet scales for agreeableness and conscientiousness: A revision of the neo personality inventory. Personality and Individual Differences, 12(9), 887--898.

[23]

Cox, J. (2012). Information systems user security: A structured model of the knowing-doing gap. Computers in Human Behavior, 28(5), 1849--1858.

Digital Library

[24]

Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M.,&Baskerville, R. (2013). Future directions for behavioral information security research. Computers&Security, 32, 90--101.

Digital Library

[25]

D'Arcy, J., Hovav, A.,&Galletta, D. (2009). User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Information Systems Research, 20(1), 79--98.

Digital Library

[26]

De Dreu, C. K. W.,&Nauta, A. (2009). Self-interest and other-orientation in organizational behavior: Implications for job performance, prosocial behavior, and personal initiative. Journal of Applied Psychology, 94(4), 913--926.

[27]

de Guinea, A. O.,&Markus, M. L. (2009). Why break the habit of a lifetime? Rethinking the roles of intention, habit, and emotion in continuing information technology use. MIS Quarterly, 33(3), 433--444.

[28]

De Neys, W. (2014). Conflict detection, dual processes, and logical intuitions: Some clarifications. Thinking&Reasoning, 20(2), 169--187.

[29]

Dennis, A. R., Minas, R. K.,&Bhagwatwar, A. P. (2013). Sparking creativity: Improving electronic brainstorming with individual cognitive priming. Journal of Management Information Systems, 29(4), 195--216

[30]

Dennis, A. R.,&Valacich, J. S. (2001). Conducting experimental research in information systems. Communications of the Association for Information Systems, 7(1), 5.

[31]

Dijk, J. v., Kerkhofs, R., Rooij, I. v.,&Haselager, P. (2008). Special section: Can there be such a thing as embodied embedded cognitive neuroscience? Theory&Psychology, 18(3), 297--316.

[32]

Dimoka, A., Banker, R. D., Benbasat, I., Davis, F. D., Dennis, A. R., Gefen, D.,. .. Pavlou, P. A. (2012). On the use of neurophysiological tools in is research: Developing a research agenda for NeuroIS. MIS Quarterly, 36(3), 679--702.

[33]

Duckworth, K. L., Bargh, J. A., Garcia, M.,&Chaiken, S. (2002). The Automatic evaluation of novel stimuli. Psychological Science, 13(6), 513--519.

[34]

Ernst,&Young. (2017). EY's 19th global information security survey 2016--17. http://www.ey.com/ gl/en/services/advisory/ey-global-information-security-survey-2016. Current February, 2018.

[35]

Evans, J. S. B. T. (2008). Dual-processing accounts of reasoning, judgment, and social cognition. Annual Review of Psychology, 59(1), 255--278.

[36]

Evans, J. S. B. T. (2014). Two minds rationality. Thinking&Reasoning, 20(2), 129--146.

[37]

Evans, J. S. B. T.,&Stanovich, K. E. (2013). Dual-process theories of higher cognition: Advancing the debate. Perspectives on Psychological Science, 8(3), 223--241.

[38]

Fazio, R. H.,&Olson, M. A. (2003). Implicit measures in social cognition research: Their meaning and use. Annual Review of Psychology, 54(1), 297--327.

[39]

Fazio, R. H., Sanbonmatsu, D. M., Powell, M. C.,&Kardes, F. R. (1986). On the automatic activation of attitudes. Journal of Personality and Social Psychology, 50(2), 229--238.

[40]

Fiske, S. T., Lin, M.,&Neuberg, S. L. (1999). The Continuum Model: Ten Years Later. In S. Chaiken&Y. Trope (Eds.), Dual-process theories in social and cognitive psychology (pp. 231--254). New York: Guilford.

[41]

Fiske, S. T.,&Neuberg, S. L. (1990). A continuum of impression formation, from category-based to individuating processes: Influences of information and motivation on attention and interpretation. In M. P. Zanna (Ed.), Advances in experimental social psychology (pp. 1--74): Cambridge, MA: Academic Press.

[42]

Gersick, C. J. G.,&Hackman, J. R. (1990). Habitual routines in task-performing groups. Organizational Behavior and Human Decision Processes, 47(1), 65--97.

[43]

Guo, L., Trueblood, J. S.,&Diederich, A. (2017). Thinking fast increases framing effects in risky decision making. Psychological Science, 28(4), 530--543.

[44]

Herath, T.,&Rao, H. R. (2009). Protection motivation and deterrence: a framework for security policy compliance in organizations. European Journal of Information Systems, 18(2), 106--125.

[45]

Hirschman, E. C.,&Holbrook, M. B. (1982). Hedonic consumption: emerging concepts, methods and propositions. The Journal of Marketing, 46(3), 92--101.

[46]

Holroyd, C. B.,&Coles, M. G. H. (2002). The neural basis of human error processing: Reinforcement learning, dopamine, and the error-related negativity. Psychological Review, 109(4), 679--709.

[47]

Hong, J. (2012). The state of phishing attacks. Communications of the ACM, 55(1), 74--81.

Digital Library

[48]

Hu, Q., Xu, Z., Dinev, T.,&Ling, H. (2011). Does deterrence work in reducing information security policy abuse by employees? Communications of the ACM, 54(6), 54--60.

Digital Library

[49]

Huber, G. P. (1983). Cognitive style as a basis for MIS and DSS designs: Much ado about nothing? Management Science, 29(5), 567--579.

Digital Library

[50]

Hui, K. L., Vance, A.,&Zhdanov, D. (2016). Securing digital assets. https://www.misqresearchcurations. org/. Current February, 2018

[51]

Jasperson, J., Carter, P. E.,&Zmud, R. W. (2005). A comprehensive conceptualization of post-adoptive behaviors associated with information technology enabled work systems. MIS Quarterly, 29(3), 525--557.

Digital Library

[52]

Johnson, E. D., Tubau, E.,&De Neys, W. (2016). The doubting system 1: Evidence for automatic substitution sensitivity. Acta Psychologica, 164, 56--64.

[53]

Johnston, A. C.,&Warkentin, M. (2010). Fear appeals and information security behaviors: an empirical study. MIS Quarterly, 34(3), 549--566.

[54]

Johnston, A. C., Warkentin, M., McBride, M.,&Carter, L. (2016). Dispositional and situational factors: influences on information security policy violations. European Journal of Information Systems, 25(3), 231--251.

[55]

Johnston, A. C., Warkentin, M.,&Siponen, M. T. (2015). An enhanced fear appeal rhetorical framework: Leveraging threats to the human asset through sanctioning rhetoric. MIS Quarterly, 39(1), 113--134.

Digital Library

[56]

Kahneman, D. (2011). Thinking, fast and slow. New York: Macmillan.

[57]

Kahneman, D.,&Tversky, A. (1979). On the interpretation of intuitive probability: A reply to Jonathan Cohen. Cognition, 7(4), 409--411.

[58]

Kappelman, L., McLean, E., Johnson, V.,&Torres, R. (2016). The 2015 SIM IT issues and trends study. MIS Quarterly Executive, 15(1), 55--83.

[59]

Klayman, J. (1995). Varieties of confirmation bias. Psychology of Learning and Motivation, 32, 385--418.

[60]

Klein, G. (1999). Applied decision making. In P.A. Hancock (Ed.), Human performance and ergonomics (pp. 87--107). San Diego: Academic Press.

[61]

Kosner, A. W. (2014). Actually two attacks in one, target breach affected 70 to 110 million customers. https://www.forbes.com/sites/anthonykosner/2014/01/17/actually-two-attacks-in-one-target-breach-affected-70-to-110-million-customers/ #187b23b45482. Current February, 2018.

[62]

Kunda, Z. (1990). The case for motivated reasoning. Psychological Bulletin, 108(3), 480--498.

[63]

Lang, P. J., Bradley, M. M.,&Cuthbert, B. N. (1990). Emotion, attention, and the startle reflex. Psychological Review, 97(3), 377--395.

[64]

Liang, H.,&Xue, Y. (2009). Avoidance of information technology threats: A theoretical perspective. MIS Quarterly, 33(1), 71--90.

[65]

Liang, H.,&Xue, Y. (2010). Understanding security behaviors in personal computer usage: A threat avoidance perspective. Journal of the Association for Information Systems, 11(7), 394.

[66]

Loewenstein, G., O'Donoghue, T.,&Bhatia, S. (2015). Modeling the interplay between affect and deliberation. Decision, 2(2), 55--81.

[67]

Lord, C. G., Scott, K. O., Pugh, M. A.,&Desforges, D. M. (1997). Leakage beliefs and the correspondence bias. Personality and Social Psychology Bulletin, 23(8), 824--836.

[68]

Louis, M. R.,&Sutton, R. I. (1991). Switching cognitive gears: from habits of mind to active thinking. Human Relations, 44(1), 55--76.

[69]

Maheswaran, D.,&Chaiken, S. (1991). Promoting systematic processing in low-motivation settings: Effect of incongruent information on processing and judgment. Journal of Personality and Social Psychology, 61(1), 13--25.

[70]

Martin, J. M. (1980). A garbage can model of the research process. In J. McGrath, J. Marting&R. Kulka (Eds.), Judgment calls in research. Beverly Hills, CA: Sage.

[71]

Minas, R. K., Poor, M., Dennis, A. R.,&Bartelt, V. L. (2016). A prime a day keeps calories away: The effects of supraliminal priming on food consumption and the moderating role of gender and eating restraint. Appetite, 105, 494--499.

[72]

Minas, R. K., Potter, R. F., Dennis, A. R., Bartelt, V.,&Bae, S. (2014). Putting on the Thinking Cap: Using NeuroIS to Understand Information Processing Biases in Virtual Teams. Journal of Management Information Systems, 30(4), 49--82.

[73]

Modic, D.,&Lea, S. E. How neurotic are scam victims, really? The big five and Internet scams. https://ssrn.com/abstract=2448130. Current February, 2018.

[74]

Moody, G. D., Siponen, M.,&Pahnila, S. (2018). Toward a unified model of information security policy compliance. MIS Quarterly, 42(1), 285-A222.

Digital Library

[75]

Nickerson, R. S. (1998). Confirmation bias: A ubiquitous phenomenon in many guises. Review of General Psychology, 2(2), 175.

[76]

Oliveira, D., Rocha, H., Yang, H., Ellis, D., Dommaraju, S., Muradoglu, M.,. .. Ebner, N. (2017). Dissecting spear phishing emails for older vs young adults: On the interplay of weapons of influence and life domains in predicting susceptibility to phishing. Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. New York: Association for Computing Machinery.

Digital Library

[77]

Perlroth, N. (2014). Home Depot data breach could be the largest yet. https://bits.blogs.nytimes.com/ 2014/09/08/home-depot-confirms-that-it-was-hacked/. Current February, 2018.

[78]

Pratt, T. C., Cullen, F. T., Blevins, K. R., Daigle, L. E.,&Madensen, T. D. (2006). The empirical status of deterrence theory: A meta-analysis. In F. Cullen, J. Wright&K. Blevins (Eds.), Taking stock: The status of criminological theory, Vol. 15 (pp. 367--396). New York: Rutledge.

[79]

PricewaterhouseCoopers. (2017). The global state of information security survey 2017. Retrieved from http://www.pwc.com/gsiss2015. Current February, 2018.

[80]

Rogers, R. W. (1983). Cognitive and physiological processes in fear appeals and attitude change: A revised theory of protection motivation. In J. Cacioppo&R. Petty (Eds.), Social psychophysiology: A sourcebook (pp. 153--176). New York: Guilford Press.

[81]

Schwarz, N.,&Clore, G. L. (2007). Feelings and phenomenal experiences. In E. T. Higgins&A. W. Kruglanski (Eds.), Social psychology: A handbook of basic principles. New York: Guilford Press.

[82]

Seyal, A. H.,&Turner, R. (2013). A study of executives' use of biometrics: an application of theory of planned behavior. Behavior&Information Technology, 32(12), 1242--1256.

Digital Library

[83]

Shaffer, D. (2008). Social and personality development, 6th edition. Toronto, ON: Nelson Education.

[84]

Shariff, A. F.,&Norenzayan, A. (2007). God Is watching you: Priming God concepts increases prosocial behavior in an anonymous economic game. Psychological Science, 18(9), 803--809.

[85]

Siponen, M.,&Vance, A. (2010). Neutralization: New insights into the problem of employee information systems security policy violations. MIS Quarterly, 34(3), 487--502.

[86]

Smith, N. K., Cacioppo, J. T., Larsen, J. T.,&Chartrand, T. L. (2003). May I have your attention, please: Electrocortical responses to positive and negative stimuli. Neuropsychologia, 41(2), 171--183.

[87]

Srull, T. K.,&Wyer, R. S. (1979). The role of category accessibility in the interpretation of information about persons: Some determinants and implications. Journal of Personality and Social Psychology, 37(10),

[88]

Srull, T. K.,&Wyer, R. S. (1980). Category accessibility and social perception: Some implications for the study of person memory and interpersonal judgments. Journal of Personality and Social Psychology, 38(6), 841--856.

[89]

Srull, T. K.,&Wyer, R. S. (1983). The role of control processes and structural constraints in models of memory and social judgment. Journal of Experimental Social Psychology, 19(6), 497--521.

[90]

Stafford, T. F. (1996). Conscious and unconscious processing of priming cues in selling encounters. Journal of Personal Selling&Sales Management, 16(2), 37--44.

[91]

Stanovich, K. E. (1999). Who is rational? Studies of individual differences in reasoning. New York: Psychology Press.

[92]

Stanovich, K. E. (2004). Metarepresentation and the great cognitive divide: A commentary on Henriques' "Psychology Defined." Journal of Clinical Psychology, 60(12), 1263--1266.

[93]

Stanovich, K. E.,&West, R. F. (2000). Advancing the rationality debate. Behavioral and Brain Sciences, 23(5), 701--717.

[94]

Straub, D. W.,&Collins, R. W. (1990). Key information liability issues facing managers: Software piracy, proprietary databases, and individual rights to privacy. MIS Quarterly, 14(2), 143--156.

Digital Library

[95]

Straub, D. W.,&Nance, W. D. (1990). Discovering and disciplining computer abuse in organizations: A field study. MIS Quarterly, 14(1), 45--60.

Digital Library

[96]

Sutton, R. S.,&Barto, A. G. (1998). Reinforcement learning: An introduction, Vol. 1. Cambridge, MA: MIT press.

Digital Library

[97]

Taylor, S. E.,&Fiske, S. T. (1978). Salience, attention, and attribution: Top of the head phenomena. In L. Berkowitz (Ed.), Advances in experimental social psychology, Vol. 11 (pp. 249--288). Cambridge, MA: Academic Press.

[98]

Thompson, V.,&Morsanyi, K. (2012). Analytic thinking: Do you feel like it? Mind&Society, 11(1), 93--105.

[99]

Thompson, V. A. (2013). Why it matters: The Implications of autonomous processes for dual process theories - Commentary on Evans&Stanovich (2013). Perspectives on Psychological Science, 8(3), 253--256.

[100]

Thompson, V. A., Prowse Turner, J. A.,&Pennycook, G. (2011). Intuition, reason, and metacognition. Cognitive Psychology, 63(3), 107--140.

[101]

Todorov, A.,&Uleman, J. S. (2003). The efficiency of binding spontaneous trait inferences to actors' faces. Journal of Experimental Social Psychology, 39(6), 549--562.

[102]

Triandis, H. C. (1971). Attitude and attitude change. New York: Wiley.

[103]

Tsohou, A., Karyda, M.,&Kokolakis, S. (2015). Analyzing the role of cognitive and cultural biases in the internalization of information security policies: Recommendations for information security awareness programs. Computers&Security, 52, 128--141.

Digital Library

[104]

Tversky, A.,&Kahneman, D. (1981). The framing of decisions and the psychology of choice. Science, 211(4481), 453--458.

[105]

van der Heijden, H. (2004). User acceptance of hedonic information systems. MIS Quarterly, 28(4), 695--704.

[106]

Vance, A., Siponen, M.,&Pahnila, S. (2012). Motivating IS security compliance: Insights from habit and protection motivation theory. Information&Management, 49(3--4), 190--198.

Digital Library

[107]

Vishwanath, A., Herath, T., Chen, R., Wang, J.,&Rao, H. R. (2011). Why do people get phished? Testing individual differences in phishing vulnerability within an integrated, information processing model. Decision Support Systems, 51(3), 576--586.

Digital Library

[108]

Wakefield, R. L.,&Whitten, D. (2006). Mobile computing: a user study on hedonic/utilitarian mobile device usage. European Journal of Information Systems, 15(3), 292--300.

[109]

Wang, J., Li, Y.,&Rao, H. R. (2017). Coping responses in phishing detection: An investigation of antecedents and consequences. Information Systems Research, 28(2), 378--396.

Digital Library

[110]

Warkentin, M., Johnston, A. C.,&Shropshire, J. (2011). The influence of the informal social learning environment on information privacy policy compliance efficacy and intention. European Journal of Information Systems, 20(3), 267--284.

[111]

Willison, R.,&Warkentin, M. (2013). Beyond deterrence: An expanded view of employee computer abuse. MIS Quarterly, 37(1), 1--20.

Digital Library

[112]

Wood, W., Quinn, J. M.,&Kashy, D. A. (2002). Habits in everyday life: Thought, emotion, and action. Journal of Personality and Social Psychology, 83(6), 1281--1297.

[113]

Workman, M., Bommer, W. H.,&Straub, D. (2008). Security lapses and the omission of information security measures: A threat control model and empirical test. Computers in Human Behavior, 24(6), 2799--2816.

Digital Library

[114]

Yao, M. Z.,&Linz, D. G. (2008). Predicting self-protections of online privacy. CyberPsychology&Behavior, 11(5), 615--617.

[115]

Yi, Y. (1990). Cognitive and affective priming effects of the context for print advertisements. Journal of Advertising, 19(2), 40--48.

[116]

Zhang, T. (2016). Training decrement in security awareness training. KSU Conference on Cybersecurity Education, Research and Practice.

Cited By

Liu QLyu YTang JFan W(2024)Optimizing the Service Efficacy of Crowd Ratings in Curbing Fake News Dissemination on Social MediaInternational Journal of Crowd Science10.26599/IJCS.2024.91000208:3(110-121)Online publication date: Aug-2024
https://doi.org/10.26599/IJCS.2024.9100020
Geels JGraßl PSchraffenberger HTanis MKleemans M(2024)Virtual lab coats: The effects of verified source information on social media post credibilityPLOS ONE10.1371/journal.pone.030232319:5(e0302323)Online publication date: 29-May-2024
https://doi.org/10.1371/journal.pone.0302323
Chen XWang YWei SShen J(2024)The Effect of Herd Behavior on Consumer Intention in Live Streaming E-Commerce: The Moderating Role of InteractionInternational Journal of Human–Computer Interaction10.1080/10447318.2024.2364464(1-14)Online publication date: 17-Jun-2024
https://doi.org/10.1080/10447318.2024.2364464
Show More Cited By

Index Terms

Security on Autopilot: Why Current Security Theories Hijack our Thinking and Lead Us Astray
1. Human-centered computing
  1. Human computer interaction (HCI)
2. Security and privacy
  1. Formal methods and theory of security
  2. Human and societal aspects of security and privacy

Recommendations

The turn to practice in HCI: towards a research agenda
CHI '14: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

This paper argues that a new paradigm for HCI research, which we label the 'practice' perspective, has been emerging in recent years. This stands in contrast to the prevailing mainstream HCI paradigm, which we term the 'interaction' perspective. The '...
Mediating Group Experiences: Designing the In-Between
TEI '15: Proceedings of the Ninth International Conference on Tangible, Embedded, and Embodied Interaction

In this paper I present ongoing design research that explores mediating group experiences. The objective of the paper is to introduce subject matter and design research approach, to provide material for an in depth discussion of challenges.

Several ...
Walking the Line: The Everyday Security Ties that Bind
Human Aspects of Information Security, Privacy and Trust
Abstract
In this paper we argue that in contemporary society a form of security emerges that is qualitatively neither technological nor social but that is truly sociotechnical. We argue that everyday security is a form of sociotechnical security co-...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGMIS Database: the DATABASE for Advances in Information Systems

ACM SIGMIS Database: the DATABASE for Advances in Information Systems Volume 49, Issue SI

April 2018

120 pages

ISSN:0095-0033

EISSN:1532-0936

DOI:10.1145/3210530

Editors:
Stacie Petter
Baylor University, Waco, TX
,
Tom Stafford
Louisiana Tech University, Ruston, LA
,
Xihui "Paul" Zhang
Northern Alabama University, Florence, AL
,
Heidi Seward
Baylor University, Waco, TX

Issue’s Table of Contents

Copyright © 2018 Authors.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 April 2018

Published in SIGMIS Volume 49, Issue SI

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

41
Total Citations
View Citations
876
Total Downloads

Downloads (Last 12 months)94
Downloads (Last 6 weeks)4

Reflects downloads up to 27 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Liu QLyu YTang JFan W(2024)Optimizing the Service Efficacy of Crowd Ratings in Curbing Fake News Dissemination on Social MediaInternational Journal of Crowd Science10.26599/IJCS.2024.91000208:3(110-121)Online publication date: Aug-2024
https://doi.org/10.26599/IJCS.2024.9100020
Geels JGraßl PSchraffenberger HTanis MKleemans M(2024)Virtual lab coats: The effects of verified source information on social media post credibilityPLOS ONE10.1371/journal.pone.030232319:5(e0302323)Online publication date: 29-May-2024
https://doi.org/10.1371/journal.pone.0302323
Chen XWang YWei SShen J(2024)The Effect of Herd Behavior on Consumer Intention in Live Streaming E-Commerce: The Moderating Role of InteractionInternational Journal of Human–Computer Interaction10.1080/10447318.2024.2364464(1-14)Online publication date: 17-Jun-2024
https://doi.org/10.1080/10447318.2024.2364464
Chen QHong Y(2024)Dual Routes of Training on Information Security Policy ComplianceJournal of Computer Information Systems10.1080/08874417.2023.2300637(1-17)Online publication date: 5-Jan-2024
https://doi.org/10.1080/08874417.2023.2300637
Ansari KGhasemaghaei MTurel O(2024)Cutting corners as a coping strategy in information technology use: Unraveling the mind's dilemmaInformation & Management10.1016/j.im.2024.10405761:8(104057)Online publication date: Dec-2024
https://doi.org/10.1016/j.im.2024.104057
Vedadi AWarkentin MStraub DShropshire J(2024)Fostering information security compliance as organizational citizenship behaviorInformation & Management10.1016/j.im.2024.10396861:5(103968)Online publication date: Jul-2024
https://doi.org/10.1016/j.im.2024.103968
Pflughoeft KZahedi FChen Y(2024)Data avatars: A theory-guided design and assessment for multidimensional data visualizationInformation & Management10.1016/j.im.2023.10391161:2(103911)Online publication date: Mar-2024
https://doi.org/10.1016/j.im.2023.103911
Williams JZafar HGupta S(2024)Fortifying healthcare: An action research approach to developing an effective SETA programComputers & Security10.1016/j.cose.2023.103655138(103655)Online publication date: Mar-2024
https://doi.org/10.1016/j.cose.2023.103655
Chen JZhang XZheng HChen JZhang XZheng H(2024)A Novel DNN Object Contour Attack on Image RecognitionAttacks, Defenses and Testing for Deep Learning10.1007/978-981-97-0425-5_4(55-74)Online publication date: 4-Jun-2024
https://doi.org/10.1007/978-981-97-0425-5_4
Galvão AChumbo IAnes E(2023)Behavioural Psychology Towards Artificial Intelligence in CybersecurityExploring Cyber Criminals and Data Privacy Measures10.4018/978-1-6684-8422-7.ch002(19-39)Online publication date: 30-Jun-2023
https://doi.org/10.4018/978-1-6684-8422-7.ch002
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Issue’s Table of Contents