IDEAS home Printed from https://ideas.repec.org/a/spr/envsyd/v33y2013i4d10.1007_s10669-013-9473-2.html
   My bibliography  Save this article

Heuristics and biases in cyber security dilemmas

Author

Listed:
  • Heather Rosoff

    (University of Southern California
    University of Southern California)

  • Jinshu Cui

    (University of Southern California
    University of Southern California)

  • Richard S. John

    (University of Southern California
    University of Southern California)

Abstract

Cyber security often depends on decisions made by human operators, who are commonly considered a major cause of security failures. We conducted 2 behavioral experiments to explore whether and how cyber security decision-making responses depend on gain–loss framing and salience of a primed recall prior experience. In Experiment I, we employed a 2 × 2 factorial design, manipulating the frame (gain vs. loss) and the presence versus absence of a prior near-miss experience. Results suggest that the experience of a near-miss significantly increased respondents’ endorsement of safer response options under a gain frame. Overall, female respondents were more likely to select a risk averse (safe) response compared with males. Experiment II followed the same general paradigm, framing all consequences in a loss frame and manipulating recall to include one of three possible prior experiences: false alarm, near-miss, or a hit involving a loss of data. Results indicate that the manipulated prior hit experience significantly increased the likelihood of respondents’ endorsement of a safer response relative to the manipulated prior near-miss experience. Conversely, the manipulated prior false-alarm experience significantly decreased respondents’ likelihood of endorsing a safer response relative to the manipulated prior near-miss experience. These results also showed a main effect for age and were moderated by respondent’s income level.

Suggested Citation

  • Heather Rosoff & Jinshu Cui & Richard S. John, 2013. "Heuristics and biases in cyber security dilemmas," Environment Systems and Decisions, Springer, vol. 33(4), pages 517-529, December.
    • Handle: RePEc:spr:envsyd:v:33:y:2013:i:4:d:10.1007_s10669-013-9473-2
    DOI: 10.1007/s10669-013-9473-2
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s10669-013-9473-2
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.
    File URL: https://libkey.io/10.1007/s10669-013-9473-2?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Lisa Cameron & Manisha Shah, 2015. "Risk-Taking Behavior in the Wake of Natural Disasters," Journal of Human Resources, University of Wisconsin Press, vol. 50(2), pages 484-515.
    2. Ming‐Chou Ho & Daigee Shaw & Shuyeu Lin & Yao‐Chu Chiu, 2008. "How Do Disaster Characteristics Influence Risk Perception?," Risk Analysis, John Wiley & Sons, vol. 28(3), pages 635-643, June.
    3. repec:cup:judgdm:v:1:y:2006:i::p:48-63 is not listed on IDEAS
    4. Daniel Kahneman & Amos Tversky, 2013. "Prospect Theory: An Analysis of Decision Under Risk," World Scientific Book Chapters, in: Leonard C MacLean & William T Ziemba (ed.), HANDBOOK OF THE FUNDAMENTALS OF FINANCIAL DECISION MAKING Part I, chapter 6, pages 99-127, World Scientific Publishing Co. Pte. Ltd..
    5. Robin L. Dillon & Catherine H. Tinsley & Matthew Cronin, 2011. "Why Near‐Miss Events Can Decrease an Individual's Protective Response to Hurricanes," Risk Analysis, John Wiley & Sons, vol. 31(3), pages 440-449, March.
    6. Catherine H. Tinsley & Robin L. Dillon & Matthew A. Cronin, 2012. "How Near-Miss Events Amplify or Attenuate Risky Decision Making," Management Science, INFORMS, vol. 58(9), pages 1596-1613, September.
    7. Yi‐Wen Kung & Sue‐Huei Chen, 2012. "Perception of Earthquake Risk in Taiwan: Effects of Gender and Past Earthquake Experience," Risk Analysis, John Wiley & Sons, vol. 32(9), pages 1535-1546, September.
    8. repec:cup:judgdm:v:5:y:2010:i:5:p:411-419 is not listed on IDEAS
    9. Tversky, Amos & Kahneman, Daniel, 1986. "Rational Choice and the Framing of Decisions," The Journal of Business, University of Chicago Press, vol. 59(4), pages 251-278, October.
    10. Howard Kunreuther & Mark Pauly, 2004. "Neglecting Disaster: Why Don't People Insure Against Large Losses?," Journal of Risk and Uncertainty, Springer, vol. 28(1), pages 5-21, January.
    11. James Flynn & Paul Slovic & C. K. Mertz, 1994. "Gender, Race, and Perception of Environmental Health Risks," Risk Analysis, John Wiley & Sons, vol. 14(6), pages 1101-1108, December.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. David Reitter & Jens Grossklags, 2019. "The Positive Impact of Task Familiarity, Risk Propensity, and Need For Cognition on Observed Timing Decisions in a Security Game," Games, MDPI, vol. 10(4), pages 1-18, December.
    2. Heinrich, Timo & Seifert, Matthias & Then, Franziska, 2020. "Near-losses in insurance markets: An experiment," Economics Letters, Elsevier, vol. 186(C).
    3. Nuria Rodríguez-Priego & René van Bavel, 2016. "The Effect of Warning Messages on Secure Behaviour Online: Results from a Lab Experiment," JRC Research Reports JRC103188, Joint Research Centre.
    4. Robin L. Dillon & Catherine H. Tinsley, 2016. "Near-miss events, risk messages, and decision making," Environment Systems and Decisions, Springer, vol. 36(1), pages 34-44, March.
    5. Jinshu Cui & Heather Rosoff & Richard S. John, 2017. "A Polytomous Item Response Theory Model for Measuring Near-Miss Appraisal as a Psychological Trait," Decision Analysis, INFORMS, vol. 14(2), pages 75-86, June.
    6. Zachary A. Collier & Igor Linkov & James H. Lambert, 2013. "Four domains of cybersecurity: a risk-based systems approach to cyber decisions," Environment Systems and Decisions, Springer, vol. 33(4), pages 469-470, December.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Delphine Boutin & Laurène Petifour & Haris Megzari, 2022. "Instability of preferences due to Covid-19 Crisis and emotions: a natural experiment from urban Burkina Faso," Working Papers hal-03623601, HAL.
    2. Boutin, Delphine & Petifour, Laurene & Megzari, Haris, 2023. "Permanent Instability of Preferences after COVID-19 Crisis: A Natural Experiment from Urban Burkina Faso," IZA Discussion Papers 16075, Institute of Labor Economics (IZA).
    3. Arnaud Reynaud & Cécile Aubert, 2020. "Does flood experience modify risk preferences? Evidence from an artefactual field experiment in Vietnam," The Geneva Risk and Insurance Review, Palgrave Macmillan;International Association for the Study of Insurance Economics (The Geneva Association), vol. 45(1), pages 36-74, March.
    4. Delphine BOUTIN & Laurène PETIFOUR & Haris MEGZARI, 2022. "Instability of preferences due to Covid-19 Crisis and emotions: a natural experiment from urban Burkina Faso," Bordeaux Economics Working Papers 2022-05, Bordeaux School of Economics (BSE).
    5. Yuan, Hongmin & Ouyang, Yanmin & Li, Yuxiang, 2024. "Local earthquakes and households’ risk-taking: Evidence from the China Household Finance Survey," Journal of Asian Economics, Elsevier, vol. 91(C).
    6. Yanbo Zhang & Yibao Wang & Ahmad Bayiz Ahmad & Ashfaq Ahmad Shah & Wen Qing, 2021. "How Do Individual-Level Characteristics Influence Cross-Domain Risk Perceptions Among Chinese Urban Residents?," SAGE Open, , vol. 11(2), pages 21582440211, April.
    7. Güth, W., 1997. "Boundedly Rational Decision Emergence -A General Perspective and Some Selective Illustrations-," SFB 373 Discussion Papers 1997,29, Humboldt University of Berlin, Interdisciplinary Research Project 373: Quantification and Simulation of Economic Processes.
    8. Freeman, Steven F., 1997. "Good decisions : reconciling human rationality, evolution, and ethics," Working papers WP 3962-97., Massachusetts Institute of Technology (MIT), Sloan School of Management.
    9. Alexandra Rausch & Alexander Brauneis, 2015. "It’s about how the task is set: the inclusion–exclusion effect and accountability in preprocessing management information," Central European Journal of Operations Research, Springer;Slovak Society for Operations Research;Hungarian Operational Research Society;Czech Society for Operations Research;Österr. Gesellschaft für Operations Research (ÖGOR);Slovenian Society Informatika - Section for Operational Research;Croatian Operational Research Society, vol. 23(2), pages 313-344, June.
    10. Goytom Abraha Kahsay & Daniel Osberghaus, 2018. "Storm Damage and Risk Preferences: Panel Evidence from Germany," Environmental & Resource Economics, Springer;European Association of Environmental and Resource Economists, vol. 71(1), pages 301-318, September.
    11. Ellen Garbarino & Robert Slonim, 2007. "Preferences and decision errors in the winner’s curse," Journal of Risk and Uncertainty, Springer, vol. 34(3), pages 241-257, June.
    12. Elie Matta & Jean McGuire, 2008. "Too Risky to Hold? The Effect of Downside Risk, Accumulated Equity Wealth, and Firm Performance on CEO Equity Reduction," Organization Science, INFORMS, vol. 19(4), pages 567-580, August.
    13. Giuseppe Pernagallo & Benedetto Torrisi, 2020. "A theory of information overload applied to perfectly efficient financial markets," Review of Behavioral Finance, Emerald Group Publishing Limited, vol. 14(2), pages 223-236, October.
    14. Prieto, Marc & Caemmerer, Barbara & Baltas, George, 2015. "Using a hedonic price model to test prospect theory assertions: The asymmetrical and nonlinear effect of reliability on used car prices," Journal of Retailing and Consumer Services, Elsevier, vol. 22(C), pages 206-212.
    15. Moshe Levy & Haim Levy, 2013. "Prospect Theory: Much Ado About Nothing?," World Scientific Book Chapters, in: Leonard C MacLean & William T Ziemba (ed.), HANDBOOK OF THE FUNDAMENTALS OF FINANCIAL DECISION MAKING Part I, chapter 7, pages 129-144, World Scientific Publishing Co. Pte. Ltd..
    16. Schilirò, Daniele & Graziano, Mario, 2011. "Scelte e razionalità nei modelli economici: un'analisi multidisciplinare [Choices and rationality in economic models: a multidisciplinary analysis]," MPRA Paper 31910, University Library of Munich, Germany.
    17. Shi, Yuwei & Herniman, John, 2023. "The role of expectation in innovation evolution: Exploring hype cycles," Technovation, Elsevier, vol. 119(C).
    18. Pak, Tae-Young, 2023. "Relative deprivation and financial risk taking✰," Finance Research Letters, Elsevier, vol. 55(PA).
    19. Freudenreich, Hanna & Musshoff, Oliver & Wiercinski, Ben, 2017. "The Relationship between Farmers' Shock Experiences and their Uncertainty Preferences - Experimental Evidence from Mexico," GlobalFood Discussion Papers 256212, Georg-August-Universitaet Goettingen, GlobalFood, Department of Agricultural Economics and Rural Development.
    20. Ashton, John K. & Hudson, Robert S., 2008. "Interest rate clustering in UK financial services markets," Journal of Banking & Finance, Elsevier, vol. 32(7), pages 1393-1403, July.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:envsyd:v:33:y:2013:i:4:d:10.1007_s10669-013-9473-2. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.