What’s it worth to you? Applying risk tradeoff paradigms to explain user interactions with interruptive security messages

Attacks on information security continue to result in large losses for organizations. Oftentimes, the breaches occur because organizational insiders fail to adhere to commonplace system security messages. This could be because, faced with the challenges and time demands of everyday stressors, security policy compliance can be costly for individuals; security actions require time and distract attention from other primary tasks. To defend against these attacks, user interactions with security messages need to be better understood. This study reports the results of a 110-participant MTurk field study that examines user interactions with interruptive security messages through the lens of a risk tradeoff paradigm. First, a gap in the information security literature is identified, wherein findings about low security-message attention are contrasted against studies that assume attention and information processing. Three competing hypotheses are proposed that describe different patterns of risk analysis that users may engage in when interacting with an interruptive security message: (1) very little to no elaboration over the risk-taking decision due to perniciously low attention, (2) consistent security message risk-taking decision elaboration, and (3) a bimodal situation where elaboration depends on the information security risk-reward tradeoff balance. Multiple behavioral dependent variables are corroborated to support the third hypothesis, suggesting the existence of a bimodal risk tradeoff paradigm for user interactions with interruptive security messages. The relevance of the findings for research and practice are discussed

Usable Security. A Systematic Literature Review

Usable security involves designing security measures that accommodate users’ needs and behaviors. Balancing usability and security poses challenges: the more secure the systems, the less usable they will be. On the contrary, more usable systems will be less secure. Numerous studies have addressed this balance. These studies, spanning psychology and computer science/engineering, contribute diverse perspectives, necessitating a systematic review to understand strategies and findings in this area. This systematic literature review examined articles on usable security from 2005 to 2022. A total of 55 research studies were selected after evaluation. The studies have been broadly categorized into four main clusters, each addressing different aspects: (1) usability of authentication methods, (2) helping security developers improve usability, (3) design strategies for influencing user security behavior, and (4) formal models for usable security evaluation. Based on this review, we report that the field’s current state reveals a certain immaturity, with studies tending toward system comparisons rather than establishing robust design guidelines based on a thorough analysis of user behavior. A common theoretical and methodological background is one of the main areas for improvement in this area of research. Moreover, the absence of requirements for Usable security in almost all development contexts greatly discourages implementing good practices since the earlier stages of development

Cybersecurity Education for Children and Adolescents in Finland : A Study in Finnish Schools

Along with the advancement of technology and the rising need for safety and security in the lives and education has raised concerns regarding cybersecurity knowledge and awareness. This thesis focuses on the cybersecurity education of students in Finnish schools. Interviewing teachers and cybersecurity professionals are done to gain insight, whether the current cybersecurity education in the existing curricula is enough, and how it could be improved. While children and adolescents spend a considerable time for entertainment purposes, their lack of understanding and awareness of cybersecurity risks is evident based on the research done in the thesis, and in the existing cybersecurity related literature. This thesis aims to categorize the findings based on the interviews into three different categories regarding what, when, and how cybersecurity knowledge and safety should be included in the cybersecurity and ICT education. The findings based on the interviews show that the most common key concerns regarding cybersecurity topics. In addition, children and adolescents should be monitored, however, the way of monitoring needs to be done by the parents to not infringe on the privacy of the youth. The concept of cybersecurity should be introduced for the youth when they first begin using electronic devices. Moreover, ICT should be introduced as its own school subject, albeit melded as a part of other subjects. The modern way of educating cybersecurity to the youth could be done through gamification (bringing gaming elements into non-gaming contexts), concrete examples, and different types of educational media. The cybersecurity and ICT education should be introduced as its own school subject or as a part of other subjects to prepare them for the future. The education must be done per age category, and teaching materials must be revised yearly, similarly how other subjects are. However, the educational system requires teachers and parents to be a part of the education as well, as some of them are not very knowledgeable regarding cybersecurity and ICT topics. The education system must be done in cooperation between different municipalities to ensure that everyone gets equal chance for education, and to avoid inequity that might rise, if not addressed by the Ministry of Education and Culture level

Essays on Timing and Economic Behavior

Economic activities unfold over time. How does timing influence our choices? How do we control our timing? Economic agents are considered to satisfy their preferences in an optimal fashion subject to constraints. Each chapter in this thesis tackles a different one of these three elements where the timing of behavior is central. In the first chapter, I study the impact of loss aversion on preferences for labor versus leisure. In a real-effort lab experiment, I show that a worker's willingness to persevere in a task is influenced by information about task completion time. To directly assess the location and impact of reference dependence, I structurally estimate labor-leisure preferences with a novel econometric approach drawing on computational neuroscience. Once participants exceed an expectations-based reference point, their subjective values of time rise sharply, and they speed up at the cost of reduced work quality and forgone earnings. In the second chapter, I propose and implement a method to test the optimality of individual deliberative time allocation. I also conduct experiments to study perceptual decision making in both simple decisions, where the difference in values between better and worse choices is known, and complex decisions, where this value difference is uncertain. The test reveals significant departures from optimality when task difficulty and monetary incentives are varied. However, a recently developed model based on optimality provides an improvement in fit over its predecessor. In the third chapter, I investigate the effects of memory constraints on choice over sequentially presented options. In a study that combines experimental paradigms used to analyze memory and judgment separately, I find a close link between order effects in choice and in memory. I show that cognitive load stemming from either an externally-imposed distractor or naturally-occuring fatigue substantially weakens primacy effects. Thus disrupting memory encoding and consolidation can potentially alleviate bias in judgment.</p

Reframing Behaviour to Foster Safe and Supporting Schools

This Organizational Improvement Plan (OIP) examines educator support to students who present with chronically challenging behaviours. Educators are experiencing an increase in the frequency and severity of interfering student behaviours affecting classroom learning, school climate, and educator mental well-being (RRDSB, 2018a, 2019b; Santor et al., 2019). Educators frequently disengage from these students and their discipline is managed by administration (RRDSB, 2019b). These students, often already members of marginalized communities (Bailey, 2015), are further marginalized by the use of exclusionary, punitive measures. This mandates a social justice framework that benefits from the moral dialogue evoked by transformative leadership (Shields, 2018). In conjunction, an ecological systems (Bronfenbrenner, 1977) approach that highlights student environment, in contrast to the culture of power and privilege of most educators (Delpit, 1988), is required. Nadler and Tushman’s (1989) Congruence Model highlights the gap between Board system values and lived experiences in schools. Reframing the faulty notion that challenging behaviour is a student choice (Greene, 2014b, 2016; Levinsky, 2016) and reframing the purpose of education as human development (Tranter et al., 2018) for a socially just world (Weiner, 2003) is foundational to implementation. The OIP uses the Change Path Model (Cawsey et al., 2016) as the blueprint upon which to layer a plan that addresses educator mindset and skill development. The use of Hord et al.’s (1987) Concerns Based Adoption Model to value educator emotion and fidelity of practice compliments an authentic and adaptive leadership approach

Behavioral patterns of individuals and groups during co-located collaboration on large, high-resolution displays

Collaboration among multiple users on large screens leads to complicated behavior patterns and group dynamics. To gain a deeper understanding of collaboration on vertical, large, high-resolution screens, this dissertation builds on previous research and gains novel insights through new observational studies. Among other things, the collected results reveal new patterns of collaborative coupling, suggest that territorial behavior is less critical than shown in previous research, and demonstrate that workspace awareness can also negatively affect the effectiveness of individual users

Undergraduate Scholarship at Winthrop University 2013 Book of Abstracts

University College created this book to present the scholarship occurring throughout all ive academic colleges in the university: College of Arts and Sciences (CAS), College of Business Administration (CBA), College of Education (COE), the College of Visual and Performing Arts (CVPA) and University College (UC). In addition to the research abstracts, we are using the book to document the students who have completed Honors heses, applied for Nationally Competitive Awards, and were selected as McNair or WISE Scholars.https://digitalcommons.winthrop.edu/undergradresearch_abstractbooks/1001/thumbnail.jp

Dynamic performance:the role of task and individual characteristics

Nowadays, it is expected from employees that they are flexible and able to deal with unforeseen changes at work. This is what has been called dynamic performance or adaptive performance. In Air Traffic Control, it is even more important that Air Traffic Controllers are able to deal with all the information they receive to ensure safe air traffic. In the light of sudden technological failures, it is important to find out which factors predict how employees can effectively respond to such a failure. In this way, information will be gained on how to cope with, for example, these technological failures and how we can assist professionals to cope with these types of unforeseen changes in the work. This PhD thesis describes a literature review and three empirical studies about how individuals effectively respond to unforeseen changes in their work, and which characteristics of the task and the individuals can predict dynamic performance