Computer Security and Risky Computing Practices: A Rational Choice Perspective

doi:10.4018/joeuc.2004070102

Reference Hub

This research has been cited in:

Conference
Combatting phishing: A holistic human approach2014 Information Security for South Africa10.1109/ISSA.2014.6950508
Conference
The socio-monetary incentives of online social network malware campaignsProceedings of the second ACM conference on Online social networks10.1145/2660460.2660478
Article
Toward a Unified View of Dynamic Information Security BehaviorsACM SIGMIS Database: the DATABASE for Advances in Information Systems10.1145/3447934.3447940
Conference
Measuring the Human Factor in Information Security and Privacy2016 49th Hawaii International Conference on System Sciences (HICSS)10.1109/HICSS.2016.459
Article
Factors affecting perception of information security and their impacts on IT adoption and security practicesInternational Journal of Human-Computer Studies10.1016/j.ijhcs.2011.07.007
Article
Security awareness of computer users: A phishing threat avoidance perspectiveComputers in Human Behavior10.1016/j.chb.2014.05.046
Article
An Extended Perspective on Individual Security BehaviorsACM SIGMIS Database: the DATABASE for Advances in Information Systems10.1145/2691517.2691521
Conference
Quality Dimensions of the DeLone-McLean Model to Measure User Satisfaction: An Empirical Test on the Information Security Context2015 48th Hawaii International Conference on System Sciences10.1109/HICSS.2015.593
Article
The Effects of Personal Consciousness and Organizational Information Security Climate on the Employee's Security Behavior: from the Perspective of Industrial Safety BehaviorJournal of Social Science10.16881/jss.2018.10.29.4.3
Article
Dynamics of organizational information securitySystem Dynamics Review10.1002/sdr.405
Chapter
Mental Models – General Introduction and Review of Their Application to Human-Centred Security‘10.1007/978-3-642-42001-6_18
Chapter
Responses to Cyber Near‐Misses: A Scale to Measure Individual DifferencesApplied Risk Analysis for Guiding Homeland Security Policy10.1002/9781119287490.ch11
Article
Triggers of Change in Information Security Management PracticesJournal of General Management10.1177/030630700703200404
Conference
Accepting the inevitableProceedings of the third ACM conference on Data and application security and privacy10.1145/2435349.2435396
Article
Local learning from municipal ransomware attacks: A geographically weighted analysisInformation & Management10.1016/j.im.2021.103482
Article
Information Security Awareness at the Knowledge-Based Institution: Its Antecedents and MeasuresProcedia Computer Science10.1016/j.procs.2015.12.151
Conference
Dancing Pigs or Externalities?Proceedings of the 2018 ACM Conference on Economics and Computation10.1145/3219166.3219185
Article
Recommendations for information security awareness training for college studentsInformation Management & Computer Security10.1108/IMCS-01-2013-0005
Chapter
Development of Students’ Security and Privacy Habits ScaleAdvances in Information and Communication10.1007/978-3-030-12385-7_64
Article
Evaluating the effectiveness of learner controlled information security trainingComputers & Security10.1016/j.cose.2019.101586
Article
Human behaviour as an aspect of cybersecurity assuranceSecurity and Communication Networks10.1002/sec.1657
Article
From the user's perspective: Perceptions of risk relative to benefit associated with using the InternetComputers in Human Behavior10.1016/j.chb.2016.02.024
Article
Computer self‐efficacy in the information societyInformation Technology & People10.1108/09593841111158392
Conference
The Psychology of Security for the Home Computer User2012 IEEE Symposium on Security and Privacy10.1109/SP.2012.23
Article
Exploring smart retailing: anthropomorphism in voice shopping of smart speakerInformation Technology & People10.1108/ITP-07-2021-0536
Article
Understanding security behaviour among healthcare professionals by comparing results from technology threat avoidance theory and protection motivation theoryBehaviour & Information Technology10.1080/0144929X.2024.2314255
Article
Optimistic Bias and Exposure Affect Security Incidents on Home ComputerJournal of Computer Information Systems10.1080/08874417.2019.1697860
Conference
Implementing Mental Models2012 IEEE Symposium on Security and Privacy Workshops10.1109/SPW.2012.31
Article
Herausforderungen und Implikationen für das Cyber-Risikomanagement sowie die Versicherung von Cyberrisiken – Eine empirische AnalyseZeitschrift für die gesamte Versicherungswissenschaft10.1007/s12297-018-0425-2
Article
Employees’ adherence to information security policies: An exploratory field studyInformation & Management10.1016/j.im.2013.08.006
Conference
Factors Influencing Protection Motivation and IS Security Policy Compliance2006 Innovations in Information Technology10.1109/INNOVATIONS.2006.301907
Article
The Impact of Organizational Commitment on Insiders’ Motivation to Protect Organizational Information AssetsJournal of Management Information Systems10.1080/07421222.2015.1138374
Article
Phishing threat avoidance behaviour: An empirical investigationComputers in Human Behavior10.1016/j.chb.2016.02.065
Article
Weak Password Security: An Empirical StudyInformation Security Journal: A Global Perspective10.1080/10658980701824432
Conference
Development of Security Awareness Domain and Resources (SADAR) Framework: Capacity Metrics to Evaluate Enterprise Resource Planning (ERP) Implementation2020 4rd International Conference on Electrical, Telecommunication and Computer Engineering (ELTICOM)10.1109/ELTICOM50775.2020.9230523
Chapter
Employees’ Adherence to Information Security Policies: An Empirical StudyNew Approaches for Security, Privacy and Trust in Complex Environments10.1007/978-0-387-72367-9_12
Article
Update now or later? Effects of experience, cost, and risk preference on update decisionsJournal of Cybersecurity10.1093/cybsec/tyaa002
Chapter
Information Security Awareness in Public AdministrationsPublic Management and Administration10.5772/intechopen.74572
Article
The Role of Cybersecurity Knowledge and Awareness in Cybersecurity Intention and Behavior in the United StatesCrime & Delinquency10.1177/00111287231180093
Conference
Security behaviors of healthcare providers using HIT outside of work: A technology threat avoidance perspective2017 8th International Conference on Information and Communication Systems (ICICS)10.1109/IACS.2017.7921995
Article
An Empirical Investigation of Factors Influencing Information Security BehaviorJournal of Information Privacy and Security10.1080/2333696X.2008.10855849
Article
Information systems user security: A structured model of the knowing–doing gapComputers in Human Behavior10.1016/j.chb.2012.05.003
Article
Heuristics and biases in cyber security dilemmasEnvironment Systems and Decisions10.1007/s10669-013-9473-2
Article
Measuring user satisfaction with information security practicesComputers & Security10.1016/j.cose.2014.10.015
Article
Effects of Personal Factors and Organizational Reinforcing Tools in Decreasing Employee Engagement in Unhygienic Cyber PracticesJournal of Global Information Management10.4018/JGIM.299324
Chapter
Understanding User Behavior towards Passwords through Acceptance and Use ModellingSecurity and Privacy Assurance in Advancing Technologies10.4018/978-1-60960-200-0.ch002
Chapter
Online Behavior ModelingExamining the Concepts, Issues, and Implications of Internet Trolling10.4018/978-1-4666-2803-8.ch014
Article
Engaging Remote EmployeesJournal of Organizational and End User Computing10.4018/joeuc.2013010101
Article
The Cultural Foundation of Information Security BehaviorJournal of Database Management10.4018/JDM.2020040102
Chapter
The Impact of Human Behavior on Cyber SecurityHandbook of Research on Civil Society and National Security in the Era of Cyber Warfare10.4018/978-1-4666-8793-6.ch018
Chapter
The Influence of Perceived Source Credibility on End User Attitudes and Intentions to Comply with Recommended IT ActionsEnd-User Computing, Development, and Software Engineering10.4018/978-1-4666-0140-6.ch015
Article
A Secure Knowledge Resource Management Theory for IT/IS OutsourcingInternational Journal of Human Capital and Information Technology Professionals10.4018/ijhcitp.2014010105
Chapter
The Impact of Human Behavior on Cyber SecurityMultigenerational Online Behavior and Media Use10.4018/978-1-5225-7909-0.ch068
Chapter
The Cultural Foundation of Information Security BehaviorResearch Anthology on Privatizing and Securing Data10.4018/978-1-7998-8954-0.ch024
Chapter
Advancement of Cybersecurity and Information Security Awareness to Facilitate Digital TransformationHandbook of Research on Advancing Cybersecurity for Digital Transformation10.4018/978-1-7998-6975-7.ch006
Article
The Influence of Perceived Source Credibility on End User Attitudes and Intentions to Comply with Recommended IT ActionsJournal of Organizational and End User Computing10.4018/joeuc.2010070101
Chapter
Ethical ComputingEncyclopedia of Information Science and Technology, Third Edition10.4018/978-1-4666-5888-2.ch292
Article
IS Security Policy ViolationsJournal of Organizational and End User Computing10.4018/joeuc.2012010102
Chapter
The Role and Responsibilities of the System’s AdministratorOrganizational, Legal, and Technological Dimensions of Information System Administration10.4018/978-1-4666-4526-4.ch001
Article
A Study of User Continuance Behavioral Intentions Toward Privacy-Protection PracticesInformation Resources Management Journal10.4018/IRMJ.2018040102
Chapter
A Study of User Continuance Behavioral Intentions Toward Privacy-Protection PracticesCensorship, Surveillance, and Privacy10.4018/978-1-5225-7113-1.ch090

Computer Security and Risky Computing Practices: A Rational Choice Perspective

Kregg Aytes, Terry Connolly

Source Title: Journal of Organizational and End User Computing (JOEUC)16(3)

Cite Article Cite Article

MLA

Aytes, Kregg, and Terry Connolly. "Computer Security and Risky Computing Practices: A Rational Choice Perspective." JOEUC vol.16, no.3 2004: pp.22-40. http://doi.org/10.4018/joeuc.2004070102

APA

Aytes, K. & Connolly, T. (2004). Computer Security and Risky Computing Practices: A Rational Choice Perspective. Journal of Organizational and End User Computing (JOEUC), 16(3), 22-40. http://doi.org/10.4018/joeuc.2004070102

Chicago

Aytes, Kregg, and Terry Connolly. "Computer Security and Risky Computing Practices: A Rational Choice Perspective," Journal of Organizational and End User Computing (JOEUC) 16, no.3: 22-40. http://doi.org/10.4018/joeuc.2004070102

Export Reference

Favorite Full-Issue Download

View Full Text PDF

Abstract

Despite rapid technological advances in computer hardware and software, insecure behavior by individual computer users continues to be a significant source of direct cost and productivity loss. Why do individuals, many of whom are aware of the possible grave consequences of low-level insecure behaviors such as failure to backup work and disclosing passwords, continue to engage in unsafe computing practices? In this article we propose a conceptual model of this behavior as the outcome of a boundedly-rational choice process. We explore this model in a survey of undergraduate students (N = 167) at two large public universities. We asked about the frequency with which they engaged in five commonplace but unsafe computing practices, and probed their decision processes with regard to these practices. Although our respondents saw themselves as knowledgeable, competent users, and were broadly aware that serious consequences were quite likely to result, they reported frequent unsafe computing behaviors. We discuss the implications of these findings both for further research on risky computing practices and for training and enforcement policies that will be needed in the organizations these students will shortly be entering.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email:

Password:

Forgot individual login password?

Create individual account

Computer Security and Risky Computing Practices: A Rational Choice Perspective

MLA

APA

Chicago

Export Reference

Abstract

Request Access