Visible to the public Risk Compensation in Home-User Computer Security Behavior: A Mixed-Methods Exploratory StudyConflict Detection Enabled

TitleRisk Compensation in Home-User Computer Security Behavior: A Mixed-Methods Exploratory Study
Publication TypeConference Proceedings
Year of Publication2016
AuthorsSarah Pearman, Nicholas Munson, Leeyat Slyper, Lujo Bauer, Serge Egelman, Arnab Kumar, Charu Sharma, Jeremy Thomas, Nicolas Christin
Conference NameSOUPS 2016: 12th Symposium on Usable Privacy and Security
Date Published06/2016
Publisher2016 by The USENIX Association
Conference LocationDenver, CO
ISBN Number978-1-931971-31-7
KeywordsCMU, July'16, security; usable security; risk homeostasis theory; risk compensation

Risk homeostasis theory claims that individuals adjust their behaviors in response to changing variables to keep what they perceive as a constant accepted level of risk [8]. Risk homeostasis theory is used to explain why drivers may drive faster when wearing seatbelts. Here we explore whether risk homeostasis theory applies to end-user security behaviors. We use observed data from over 200 participants in a longitudinal in-situ study as well as survey data from 249 users to attempt to determine how user security behaviors and attitudes are affected by the presence or absence of antivirus software. If risk compensation is occurring, users might be expected to behave more dangerously in some ways when antivirus is present. Some of our preliminary data suggests that risk compensation may be occurring, but additional work with larger samples is needed.

Citation Keynode-30244

Other available formats:

Pearman_Risk_Compensation_LC.pdfPDF document108.84 KBDownloadPreview