Inadvertent and Irrational human errors (e.g., clicking on phishing emails) have been the primary cause of security breaches in recent years. It has been estimated that these errors are a source of approximately 84% of all breaches in 2017 (Sher-Jan, 2018). To understand the root cause of these errors and examine practical solutions for personal users, I applied the theory of bounded rationality (Simon, 1972, 2000). In the second chapter, I examined the role of several factors (i.e., objective knowledge, subjective knowledge, and default security level) on how secure a decision made by a personal user is (i.e., security level of user’s decision). I discovered that the default security level has the most significant influence on the security...
This study investigates the effect of individuals’ information processing modes on phishing email de...
Objective: We use signal detection theory to measure vulnerability to phishing attacks, including va...
In this opinion paper, we first review the evolution of information security research, and summarize...
Inadvertent and Irrational human errors (e.g., clicking on phishing emails) have been the primary ca...
Extant work has examined users’ security behavior in both individual and organizational contexts by ...
Most current information systems security theories assume a rational actor making deliberate decisio...
Well-intentioned decisions---even ones intended to improve aggregate security--- may inadvertently j...
IS users and organizations must take necessary measures to adequately cope with security threats. Co...
In the modern networked world, replete with massive amounts of data, one of the greatest threats fac...
Abstract. Computer security has traditionally been assessed from a technical point of view. Another ...
IT users often make information security-related decisions in complex and multidimensional environme...
The aim of the present study was twofold. First it aimed to elicit Information Security (InfoSec) ex...
A leading cause of security breaches is a basic human vulnerability: our susceptibility to deception...
Decisions that we make about email legitimacy can result in a pernicious threat to security of both ...
Cyber attacks are increasingly commonplace and cause significant disruption, and therefore, have bee...
This study investigates the effect of individuals’ information processing modes on phishing email de...
Objective: We use signal detection theory to measure vulnerability to phishing attacks, including va...
In this opinion paper, we first review the evolution of information security research, and summarize...
Inadvertent and Irrational human errors (e.g., clicking on phishing emails) have been the primary ca...
Extant work has examined users’ security behavior in both individual and organizational contexts by ...
Most current information systems security theories assume a rational actor making deliberate decisio...
Well-intentioned decisions---even ones intended to improve aggregate security--- may inadvertently j...
IS users and organizations must take necessary measures to adequately cope with security threats. Co...
In the modern networked world, replete with massive amounts of data, one of the greatest threats fac...
Abstract. Computer security has traditionally been assessed from a technical point of view. Another ...
IT users often make information security-related decisions in complex and multidimensional environme...
The aim of the present study was twofold. First it aimed to elicit Information Security (InfoSec) ex...
A leading cause of security breaches is a basic human vulnerability: our susceptibility to deception...
Decisions that we make about email legitimacy can result in a pernicious threat to security of both ...
Cyber attacks are increasingly commonplace and cause significant disruption, and therefore, have bee...
This study investigates the effect of individuals’ information processing modes on phishing email de...
Objective: We use signal detection theory to measure vulnerability to phishing attacks, including va...
In this opinion paper, we first review the evolution of information security research, and summarize...