Government Office for Science: Using behavioural insights to improve the public’s use of cyber security best practices
Posted: 25 June 2014
Cyber security, for the context of this report, is defined as “the protection of globally connected electronic data or equipment against criminal, unauthorized or accidental use and the technology and processes required to achieve this protection”. There is no single behaviour that will keep people secure online, but rather cyber-security requires multiple interrelated behaviours, and each one is potentially influenced by different factors. For instance what influences a user to use a strong password may not be the same as what influences a user to follow a phishing link.
Maintaining cyber-security is a significant problem. A significant and growing part of this problem is considered to be the insecure behaviours of Internet users. As the number of worldwide Internet users is now over 2 billion1, developing an understanding of individuals’ behaviour when faced with the threat of cyber-attacks is a valuable part of addressing cyber security and mitigating such attacks. Computers are vulnerable to these attacks if users do not adopt secure behaviours.