A Quantitative Field Study of a Persuasive Security Technology in the Wild

John Paul Vargheese, Matthew Collinson, Judith Masthoff

Research output: Contribution to conferenceUnpublished paperpeer-review

Abstract

Persuasive techniques and persuasive technologies have been suggested as a means to improve user cybersecurity behaviour, but there have
been few quantitative studies in this area. In this paper, we present a large
scale evaluation of persuasive messages designed to encourage University staff
to complete security training. Persuasive messages were based on Cialdini’s
principles of persuasion, randomly assigned, and transmitted by email. The
training was real, and the messages sent constituted the real campaign to
motivate users during the study period. We observed statistically significant
variations, but with mild effect sizes, in participant responses to the persuasive
messages. ‘Unity’ persuasive messages that had increased emphasis on the collaborative role of individual users as part of an organisation-wide team effort
towards cybersecurity were more effective compared to ‘Authority’ messages
that had increased emphasis on a mandatory obligation of users imposed by a
hierarchical authority. Participant and organisational factors also appear to impact upon participant responses. The study suggests that the use of messages
emphasising different principles of persuasion may have different levels of effectiveness in encouraging users to take particular security actions. In particular, it suggests that the use of social capital, in the form of increased emphasis of ‘unity’, may be more effective than increased emphasis of ‘authority’. These findings motivate further studies of how the use of Social capital may be beneficial for encouraging individuals to adopt similar positive security behaviours
Original languageEnglish
Publication statusPublished - 22 Aug 2022
EventSocial Informatics 2022: The 13th International Conference on Social Informatics. - Glasgow, United Kingdom
Duration: 19 Oct 202221 Oct 2022
http://www.dcs.gla.ac.uk/socinfo2022/index.html

Conference

ConferenceSocial Informatics 2022
Country/TerritoryUnited Kingdom
Period19/10/2221/10/22
Internet address

Keywords

  • Cybersecurity
  • Behaviour change
  • Persuasive technology
  • Actual effectiveness
  • Quantitative field study

Fingerprint

Dive into the research topics of 'A Quantitative Field Study of a Persuasive Security Technology in the Wild'. Together they form a unique fingerprint.

Cite this