IDEAS home Printed from https://ideas.repec.org/a/eee/tefoso/v198y2024ics0040162523007138.html
   My bibliography  Save this article

How to keep your information secure? Toward a better understanding of users security behavior

Author

Listed:
  • Arenas, Álvaro
  • Ray, Gautam
  • Hidalgo, Antonio
  • Urueña, Alberto

Abstract

Use of computers and the Internet is an integral part of our lives, with business becoming more digital. As a result, individuals are using their home computers to perform diverse tasks and to store sensitive data. This paper investigates the relative efficacy of two strategies to protect home computers from security threats: security tools and security activities. For the analysis, we collected data from over 1900 individuals in Spain, following an approach combining self- reported data, via an online survey, with actual data collected directly from home users' computers. The main contribution of the paper is to provide a model, based on routine activity theory, explaining the role of security tools and security activities in protecting personal computers from malware infection, thus offering an in-depth understanding of users' security behavior. Using multivariate, logit and probit regressions, our study reveals that having security tools is positively related with higher risk activities and more infections, while pursuing security activities reduces malware infections. These results have important implications for policy makers and organizations, reinforcing the view that security tools are not sufficient to protect users from malware infection, and the need to develop security education and awareness programs for computer users.

Suggested Citation

  • Arenas, Álvaro & Ray, Gautam & Hidalgo, Antonio & Urueña, Alberto, 2024. "How to keep your information secure? Toward a better understanding of users security behavior," Technological Forecasting and Social Change, Elsevier, vol. 198(C).
    • Handle: RePEc:eee:tefoso:v:198:y:2024:i:c:s0040162523007138
    DOI: 10.1016/j.techfore.2023.123028
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0040162523007138
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.techfore.2023.123028?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Miao, Ruomu & Li, Benqian, 2022. "A user-portraits-based recommendation algorithm for traditional short video industry and security management of user privacy in social networks," Technological Forecasting and Social Change, Elsevier, vol. 185(C).
    2. Douglas A. Parry & Brittany I. Davidson & Craig J. R. Sewall & Jacob T. Fisher & Hannah Mieczkowski & Daniel S. Quintana, 2021. "A systematic review and meta-analysis of discrepancies between logged and self-reported digital media use," Nature Human Behaviour, Nature, vol. 5(11), pages 1535-1547, November.
    3. Ann-Renée Blais & Elke U. Weber, 2006. "A Domain-Specific Risk-Taking (DOSPERT)Scale for Adult Populations," CIRANO Working Papers 2006s-24, CIRANO.
    4. Herrero, Juan & Rodríguez, Francisco J. & Urueña, Alberto, 2023. "Use of smartphone apps for mobile communication and social digital pressure: A longitudinal panel study," Technological Forecasting and Social Change, Elsevier, vol. 188(C).
    5. repec:cup:judgdm:v:1:y:2006:i::p:33-47 is not listed on IDEAS
    6. John D'Arcy & Anat Hovav & Dennis Galletta, 2009. "User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach," Information Systems Research, INFORMS, vol. 20(1), pages 79-98, March.
    7. Robert Willison & James Backhouse, 2006. "Opportunities for computer crime: considering systems risk from a criminological perspective," European Journal of Information Systems, Taylor & Francis Journals, vol. 15(4), pages 403-414, August.
    8. Ngo, Fawn T. & Paternoster, Raymond & Cullen, Francis T. & Mackenzie, Doris Layton, 2011. "Life domains and crime: A test of Agnew's general theory of crime and delinquency," Journal of Criminal Justice, Elsevier, vol. 39(4), pages 302-311, July.
    9. Ou, Carol & Zhang, Xiaowei & Angelopoulos, Spyros & Davison, Robert & Janse, Noury, 2022. "Security breaches and organization response strategy : Exploring consumers’ threat and coping appraisals," Other publications TiSEM 9ac0c2eb-87e8-4c1d-a0b0-c, Tilburg University, School of Economics and Management.
    10. Juan Herrero & Alberto Urueña & Andrea Torres & Antonio Hidalgo, 2017. "My computer is infected: the role of users’ sensation seeking and domain-specific risk perceptions and risk attitudes on computer harm," Journal of Risk Research, Taylor & Francis Journals, vol. 20(11), pages 1466-1479, November.
    11. Yoon, Jeewhan & Vonortas, Nicholas S. & Han, SungWon, 2020. "Do-It-Yourself laboratories and attitude toward use: The effects of self-efficacy and the perception of security and privacy," Technological Forecasting and Social Change, Elsevier, vol. 159(C).
    12. Balapour, Ali & Nikkhah, Hamid Reza & Sabherwal, Rajiv, 2020. "Mobile application security: Role of perceived privacy as the predictor of security perceptions," International Journal of Information Management, Elsevier, vol. 52(C).
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Ranganathan, Kavitha & Lejarraga, Tomás, 2021. "Elicitation of risk preferences through satisficing," Journal of Behavioral and Experimental Finance, Elsevier, vol. 32(C).
    2. Bose, Neha & Sgroi, Daniel, 2019. "The Role of Theory of Mind and “Small Talk” Communication in Strategic Decision-Making," CAGE Online Working Paper Series 409, Competitive Advantage in the Global Economy (CAGE).
    3. Pablo Brañas‐Garza & Matteo M. Galizzi & Jeroen Nieboer, 2018. "Experimental And Self‐Reported Measures Of Risk Taking And Digit Ratio (2d:4d): Evidence From A Large, Systematic Study," International Economic Review, Department of Economics, University of Pennsylvania and Osaka University Institute of Social and Economic Research Association, vol. 59(3), pages 1131-1157, August.
    4. Shixingyue Hu & Yazao Yang, 2024. "Safety of female ride-hailing passengers: Perception and prevention," Palgrave Communications, Palgrave Macmillan, vol. 11(1), pages 1-18, December.
    5. Kumju Hwang & Hyemi Um, 2021. "Social Controls and Bonds of Public Information Consumer on Sustainable Utilization and Provision for Computing," Sustainability, MDPI, vol. 13(9), pages 1-20, May.
    6. Arslan, Ruben C. & Brümmer, Martin & Dohmen, Thomas & Drewelies, Johanna & Hertwig, Ralph & Wagner, Gert G., 2020. "How people know their risk preference," EconStor Open Access Articles and Book Chapters, ZBW - Leibniz Information Centre for Economics, vol. 10.
    7. Martijn Adriaan Boermans & Daan Willebrands, 2017. "Entrepreneurship, risk perception and firm performance," International Journal of Entrepreneurship and Small Business, Inderscience Enterprises Ltd, vol. 31(4), pages 557-569.
    8. Jae Kyu Lee & Younghoon Chang & Hun Yeong Kwon & Beopyeon Kim, 2020. "Reconciliation of Privacy with Preventive Cybersecurity: The Bright Internet Approach," Information Systems Frontiers, Springer, vol. 22(1), pages 45-57, February.
    9. Ronayne, David & Sgroi, Daniel & Tuckwell, Anthony, 2021. "Evaluating the sunk cost effect," Journal of Economic Behavior & Organization, Elsevier, vol. 186(C), pages 318-327.
    10. James Alm & Antoine Malézieux, 2021. "40 years of tax evasion games: a meta-analysis," Experimental Economics, Springer;Economic Science Association, vol. 24(3), pages 699-750, September.
    11. Eric Jardine, 2020. "The Case against Commercial Antivirus Software: Risk Homeostasis and Information Problems in Cybersecurity," Risk Analysis, John Wiley & Sons, vol. 40(8), pages 1571-1588, August.
    12. Humaira Mumtaz & Iqbal Javed & Allah Bakhsh, 2019. "Impact of Psychological Consequences on Poverty: An Evidence from Pakistan," Journal of Economic Impact, Science Impact Publishers, vol. 1(3), pages 70-79.
    13. Debapriya Jojo Paul & Julia Henker & Sian Owen, 2019. "The aggregate impacts of tournament incentives in experimental asset markets," Experimental Economics, Springer;Economic Science Association, vol. 22(2), pages 441-476, June.
    14. Gürdal, Mehmet Y. & Kuzubaş, Tolga U. & Saltoğlu, Burak, 2017. "Measures of individual risk attitudes and portfolio choice: Evidence from pension participants," Journal of Economic Psychology, Elsevier, vol. 62(C), pages 186-203.
    15. Barn, Ravinder & Tan, Jo-Pei, 2012. "Foster youth and crime: Employing general strain theory to promote understanding," Journal of Criminal Justice, Elsevier, vol. 40(3), pages 212-220.
    16. Christoph Buehren & Tim Meyer & Christian Pierdzioch, 2020. "Experimental Evidence on Forecaster (anti-) Herding in Sports Markets," MAGKS Papers on Economics 202038, Philipps-Universität Marburg, Faculty of Business Administration and Economics, Department of Economics (Volkswirtschaftliche Abteilung).
    17. Silva, Leiser & Hsu, Carol & Backhouse, James & McDonnell, Aidan, 2016. "Resistance and power in a security certification scheme: the case of c:cure," LSE Research Online Documents on Economics 68348, London School of Economics and Political Science, LSE Library.
    18. Ploner, Matteo & Saredi, Viola, 2020. "Exploration and delegation in risky choices," Journal of Behavioral and Experimental Economics (formerly The Journal of Socio-Economics), Elsevier, vol. 88(C).
    19. Sumantra Sarkar & Anthony Vance & Balasubramaniam Ramesh & Menelaos Demestihas & Daniel Thomas Wu, 2020. "The Influence of Professional Subculture on Information Security Policy Violations: A Field Study in a Healthcare Context," Information Systems Research, INFORMS, vol. 31(4), pages 1240-1259, December.
    20. Baert, Stijn, 2015. "Hiring a Homosexual, Taking a Risk? A Lab Experiment on Employment Discrimination and Risk Aversion," IZA Discussion Papers 9536, Institute of Labor Economics (IZA).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:tefoso:v:198:y:2024:i:c:s0040162523007138. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.sciencedirect.com/science/journal/00401625 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.