Reference Hub15
The Weakest Link: A Psychological Perspective on Why Users Make Poor Security Decisions

The Weakest Link: A Psychological Perspective on Why Users Make Poor Security Decisions

Ryan West, Christopher Mayhorn, Jefferson Hardee, Jeremy Mendel
ISBN13: 9781605660363|ISBN10: 1605660361|EISBN13: 9781605660370
DOI: 10.4018/978-1-60566-036-3.ch004
Cite Chapter Cite Chapter

MLA

West, Ryan, et al. "The Weakest Link: A Psychological Perspective on Why Users Make Poor Security Decisions." Social and Human Elements of Information Security: Emerging Trends and Countermeasures, edited by Manish Gupta and Raj Sharman, IGI Global, 2009, pp. 43-60. https://doi.org/10.4018/978-1-60566-036-3.ch004

APA

West, R., Mayhorn, C., Hardee, J., & Mendel, J. (2009). The Weakest Link: A Psychological Perspective on Why Users Make Poor Security Decisions. In M. Gupta & R. Sharman (Eds.), Social and Human Elements of Information Security: Emerging Trends and Countermeasures (pp. 43-60). IGI Global. https://doi.org/10.4018/978-1-60566-036-3.ch004

Chicago

West, Ryan, et al. "The Weakest Link: A Psychological Perspective on Why Users Make Poor Security Decisions." In Social and Human Elements of Information Security: Emerging Trends and Countermeasures, edited by Manish Gupta and Raj Sharman, 43-60. Hershey, PA: IGI Global, 2009. https://doi.org/10.4018/978-1-60566-036-3.ch004

Export Reference

Mendeley
Favorite

Abstract

The goal of this chapter is to raise awareness of cognitive and human factors issues that influence user behavior when interacting with systems and making decisions with security consequences. This chapter is organized around case studies of computer security incidents and known threats. For each case study, we provide an analysis of the human factors involved based on a system model approach composed of three parts: the user, the technology, and the environment. Each analysis discusses how the user interacted with the technology within the context of the environment to actively contribute to the incident. Using this approach, we introduce key concepts from human factors research and discuss them within the context of computer security. With a fundamental understanding of the causes that lead users to make poor security decisions and take risky actions, we hope designers of security systems are better equipped to mitigate those risks.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.