University of Cambridge > Talks.cam > Computer Laboratory Security Seminar > Security economics to inform behaviour change support

Security economics to inform behaviour change support

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Alexander Vetterl.

Security policy-makers (influencers) in an organization set security policies that embody intended behaviours for employees (as decision-makers) to follow. Employees will have limited resources for identifying optimal security-related choices, and must consider options alongside other workplace pressures. Reconciling traditional economics and behavioural economics can identify misalignments – current approaches to security behaviour provisioning mirror rational-agent economics, even where behavioural economics is encapsulated in the promotion of security behaviours. We present a framework for ‘good enough’ decisions about security-related behaviours, to support the bounded security decision-making of employees. The capacity of the framework to identify sustainable security behaviours is also discussed, to consider policy concordance (negotiation of workable behaviours) and ‘no blame’ security cultures. The framework is also considered in the context of provisioning for employees in smaller businesses, and home user security.

This talk is part of the Computer Laboratory Security Seminar series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

© 2006-2020 Talks.cam, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity