The Design of Messages to Improve Cybersecurity Incident Reporting

被引：5

作者：

Briggs, Pam ^{[1
]}

Jeske, Debora ^{[2
]}

Coventry, Lynne ^{[1
]}

机构：

[1] Northumbria Univ, Newcastle Upon Tyne, Tyne & Wear, England

[2] Univ Coll Cork, Cork, Ireland

来源：

HUMAN ASPECTS OF INFORMATION SECURITY, PRIVACY AND TRUST (HAS 2017) | 2017年 / 10292卷

基金：

英国工程与自然科学研究理事会;

关键词：

Security; User behavior; Incident reporting; Behavior change; Protection; motivation theory; Social loafing; PROTECTION MOTIVATION; TASKS;

D O I：

10.1007/978-3-319-58460-7_1

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Cybersecurity suffers from the problem of poor incident reporting. We explored message influences on incident reporting rate. Participants were presented with messages that differed in terms of (i) whether the problem was framed as a technical or a security issue and (ii) the perceived beneficiaries of making a report (benefit to the user, to others vs. no benefit message). Participants were more likely to report a problem if so doing implied some benefit to self, where making the problem more personally relevant might act to reduce social loafing in group settings. They were also more likely to report a technical rather than a security problem and qualitative data suggested that users were sometimes suspicious of messages reporting a security incident - believing that the message itself might be a cybersecurity attack. The findings provide starting points for future research aimed at improving incident reporting.

引用

页码：3 / 13

页数：11

共 50 条

[31] Design Effective Voluntary Medical Incident Reporting Systems: A Literature Review
Hua, Lei
Gong, Yang
HUMAN INTERFACE AND THE MANAGEMENT OF INFORMATION: INTERACTING WITH INFORMATION, PT 2, 2011, 6772 : 253 - 261
[32] Automating patient safety incident reporting to improve healthcare quality in the defence medical services
Lamb, Di
Piper, N.
JOURNAL OF THE ROYAL ARMY MEDICAL CORPS, 2015, 161 : 39 - 45
[33] Use of a falls incident reporting system to improve care process documentation in nursing homes
Wagner, L. M.
Capezuti, E.
Clark, P. C.
Parmelee, P. A.
Ouslander, J. G.
QUALITY & SAFETY IN HEALTH CARE, 2008, 17 (02): : 104 - 108
[34] ICS Cybersecurity Incident Response and the Troubleshooting Process
Takano, Masatoshi
2014 Proceedings of the SICE Annual Conference (SICE), 2014, : 827 - 832
[35] POLICY STRATEGIES TO IMPROVE CYBERSECURITY
Yesue, Vincent
CONNECTICUT INSURANCE LAW JOURNAL, 2023, 30 (01):
[36] A collaborative approach for national cybersecurity incident management
Oriola, Oluwafemi
Adeyemo, Adesesan Barnabas
Papadaki, Maria
Kotze, Eduan
INFORMATION AND COMPUTER SECURITY, 2021, 29 (03) : 457 - 484
[37] A Comprehensive Cybersecurity Audit Model to Improve Cybersecurity Assurance: The CyberSecurity Audit Model (CSAM)
Sabillon, Regner
Serra-Ruiz, Jordi
Cavaller, Victor
Cano, Jeimy
2017 INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS AND COMPUTER SCIENCE (INCISCOS), 2017, : 253 - 259
[38] Opportunities for incident reporting. Response to: 'The problem with incident reporting' by Macrae et al
Williams, Huw
Cooper, Alison
Carson-Stevens, Andrew
BMJ QUALITY & SAFETY, 2016, 25 (02) : 133 - U76
[39] The Critical Incident Reporting System (CIRS) as a measure to improve quality in medicine [Das Critical Incident Reporting System (CIRS) als mittel zur qualitätsverbesserung in der medizin]
Köbberling J.
Medizinische Klinik, 2005, 100 (3) : 143 - 148
[40] Messages New Reporting Requirements for Laboratories
不详
DEUTSCHE LEBENSMITTEL-RUNDSCHAU, 2011, 107 (09) : 404 - 404

← 1 2 3 4 5 →