Impact of digital nudging on information security behavior: An experimental study on framing and priming in cybersecurity

Impact of digital nudging on information security behavior: An experimental study on framing and priming in cybersecurity

Purpose: Phishing attacks are the most common cyber threats targeted at users. Digital nudging in the form of framing and priming may reduce user susceptibility to phishing. This research focuses on two types of digital nudging, framing and priming, and examines the impact of framing and priming on...

Full description

Saved in:
Bibliographic Details
Main Authors: SHARMA, Kavya, ZHAN, Xinhui, NAH, Fiona Fui-hoon, SIAU, Keng, CHENG, Maggie X.
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2021
Subjects:
Cybersecurity
framing
priming
digital nudging
information security
user behavior
Databases and Information Systems
Information Security
Online Access:https://ink.library.smu.edu.sg/sis_research/9526
https://ink.library.smu.edu.sg/context/sis_research/article/10526/viewcontent/10_1108_ocj_03_2021_0009_pvoa_cc_by.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:Purpose: Phishing attacks are the most common cyber threats targeted at users. Digital nudging in the form of framing and priming may reduce user susceptibility to phishing. This research focuses on two types of digital nudging, framing and priming, and examines the impact of framing and priming on users' behavior (i.e. action) in a cybersecurity setting. It draws on prospect theory, instance-based learning theory and dual-process theory to generate the research hypotheses. Design/methodology/approach: A 3 × 2 experimental study was carried out to test the hypotheses. The experiment consisted of three levels for framing (i.e. no framing, negative framing and positive framing) and two levels for priming (i.e. with and without priming). Findings: The findings suggest that priming users to information security risks reduces their risk-taking behavior, whereas positive and negative framing of information security messages regarding potential consequences of the available choices do not change users' behavior. The results also indicate that risk-averse cybersecurity behavior is associated with greater confidence with the action, greater perceived severity of cybersecurity risks, lower perceived susceptibility to cybersecurity risks resulting from the action and lower trust in the download link. Originality/value: This research shows that digital nudging in the form of priming is an effective way to reduce users' exposure to cybersecurity risks.

Similar Items