A Quantitative Field Study of a Persuasive Security Technology in the Wild

John Paul Vargheese* (Corresponding Author), Matthew Collinson, Judith Masthoff

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingPublished conference contribution

1 Citation (Scopus)

Abstract

Persuasive techniques and persuasive technologies have been suggested as a means to improve user cybersecurity behaviour, but there have been few quantitative studies in this area. In this paper, we present a large scale evaluation of persuasive messages designed to encourage University staff to complete security training. Persuasive messages were based on Cialdini’s principles of persuasion, randomly assigned, and transmitted by email. The training was real, and the messages sent constituted the real campaign to motivate users during the study period. We observed statistically significant variations, but with mild effect sizes, in participant responses to the persuasive messages. ‘Unity’ persuasive messages that had increased emphasis on the collaborative role of individual users as part of an organisation-wide team effort towards cybersecurity were more effective compared to ‘Authority’ messages that had increased emphasis on a mandatory obligation of users imposed by a hierarchical authority. Participant and organisational factors also appear to impact upon participant responses. The study suggests that the use of messages emphasising different principles of persuasion may have different levels of effectiveness in encouraging users to take particular security actions. In particular, it suggests that the use of social capital, in the form of increased emphasis of ‘unity’, may be more effective than increased emphasis of ‘authority’. These findings motivate further studies of how the use of Social capital may be beneficial for encouraging individuals to adopt similar positive security behaviours.

Original languageEnglish
Title of host publicationSocial Informatics
Subtitle of host publication13th International Conference, SocInfo 2022, Proceedings
EditorsFrank Hopfgartner, Kokil Jaidka, Philipp Mayr, Joemon Jose, Jan Breitsohl
PublisherSpringer Science and Business Media Deutschland GmbH
Pages211-232
Number of pages22
ISBN (Electronic)978-3-031-19097-1
ISBN (Print)9783031190964
DOIs
Publication statusPublished - 12 Oct 2022
EventSocial Informatics 2022: The 13th International Conference on Social Informatics. - Glasgow, United Kingdom
Duration: 19 Oct 202221 Oct 2022
http://www.dcs.gla.ac.uk/socinfo2022/index.html

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume13618 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

ConferenceSocial Informatics 2022
Country/TerritoryUnited Kingdom
Period19/10/2221/10/22
Internet address

Bibliographical note

This research was supported by the UKRI EPSRC award: EP/P011829/1.

Keywords

  • Cybersecurity
  • Behaviour change
  • Persuasive technology
  • Actual effectiveness
  • Quantitative field study

Cite this