Self-confidence trumps knowledge: A cross-cultural study of security behavior

Yukiko Sawaya; Mahmood Sharif; Nicolas Christin; Ayumu Kubota; Akihiro Nakarai; Akira Yamada

doi:10.1145/3025453.3025926

Self-confidence trumps knowledge: A cross-cultural study of security behavior

Yukiko Sawaya, Mahmood Sharif, Nicolas Christin, Ayumu Kubota, Akihiro Nakarai, Akira Yamada

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Computer security tools usually provide universal solutions without taking user characteristics (origin, income level,⋯) into account. In this paper, we test the validity of using such universal security defenses, with a particular focus on culture. We apply the previously proposed Security Behavior Intentions Scale (SeBIS) to 3,500 participants from seven countries. We first translate the scale into seven languages while preserving its reliability and structure validity. We then build a regression model to study which factors affect participants' security behavior. We find that participants from different countries exhibit different behavior. For instance, participants from Asian countries, and especially Japan, tend to exhibit less secure behavior. Surprisingly to us, we also find that actual knowledge influences user behavior much less than user self-confidence in their computer security knowledge. Stated differently, what people think they know affects their security behavior more than what they do know. Copyright is held by the author/owner(s).

Original language	English
Title of host publication	CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems
Subtitle of host publication	Explore, Innovate, Inspire
Publisher	Association for Computing Machinery
Pages	2202-2214
Number of pages	13
ISBN (Electronic)	9781450346559
DOIs	https://doi.org/10.1145/3025453.3025926
State	Published - 2 May 2017
Externally published	Yes
Event	2017 ACM SIGCHI Conference on Human Factors in Computing Systems, CHI 2017 - Denver, United States Duration: 6 May 2017 → 11 May 2017

Publication series

Name	Conference on Human Factors in Computing Systems - Proceedings
Volume	2017-May

Conference

Conference	2017 ACM SIGCHI Conference on Human Factors in Computing Systems, CHI 2017
Country/Territory	United States
City	Denver
Period	6/05/17 → 11/05/17

Keywords

Computer security
Cross-cultural study

Access to Document

10.1145/3025453.3025926

Cite this

Sawaya, Y., Sharif, M., Christin, N., Kubota, A., Nakarai, A., & Yamada, A. (2017). Self-confidence trumps knowledge: A cross-cultural study of security behavior. In CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems: Explore, Innovate, Inspire (pp. 2202-2214). (Conference on Human Factors in Computing Systems - Proceedings; Vol. 2017-May). Association for Computing Machinery. https://doi.org/10.1145/3025453.3025926

Sawaya, Yukiko ; Sharif, Mahmood ; Christin, Nicolas et al. / Self-confidence trumps knowledge : A cross-cultural study of security behavior. CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems: Explore, Innovate, Inspire. Association for Computing Machinery, 2017. pp. 2202-2214 (Conference on Human Factors in Computing Systems - Proceedings).

@inproceedings{9999b8440f02444e90e832dda3b3e0d6,

title = "Self-confidence trumps knowledge: A cross-cultural study of security behavior",

abstract = "Computer security tools usually provide universal solutions without taking user characteristics (origin, income level,⋯) into account. In this paper, we test the validity of using such universal security defenses, with a particular focus on culture. We apply the previously proposed Security Behavior Intentions Scale (SeBIS) to 3,500 participants from seven countries. We first translate the scale into seven languages while preserving its reliability and structure validity. We then build a regression model to study which factors affect participants' security behavior. We find that participants from different countries exhibit different behavior. For instance, participants from Asian countries, and especially Japan, tend to exhibit less secure behavior. Surprisingly to us, we also find that actual knowledge influences user behavior much less than user self-confidence in their computer security knowledge. Stated differently, what people think they know affects their security behavior more than what they do know. Copyright is held by the author/owner(s).",

keywords = "Computer security, Cross-cultural study",

author = "Yukiko Sawaya and Mahmood Sharif and Nicolas Christin and Ayumu Kubota and Akihiro Nakarai and Akira Yamada",

note = "Publisher Copyright: {\textcopyright} 2017 ACM.; 2017 ACM SIGCHI Conference on Human Factors in Computing Systems, CHI 2017 ; Conference date: 06-05-2017 Through 11-05-2017",

year = "2017",

month = may,

day = "2",

doi = "10.1145/3025453.3025926",

language = "אנגלית",

series = "Conference on Human Factors in Computing Systems - Proceedings",

publisher = "Association for Computing Machinery",

pages = "2202--2214",

booktitle = "CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems",

}

Sawaya, Y, Sharif, M, Christin, N, Kubota, A, Nakarai, A & Yamada, A 2017, Self-confidence trumps knowledge: A cross-cultural study of security behavior. in CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems: Explore, Innovate, Inspire. Conference on Human Factors in Computing Systems - Proceedings, vol. 2017-May, Association for Computing Machinery, pp. 2202-2214, 2017 ACM SIGCHI Conference on Human Factors in Computing Systems, CHI 2017, Denver, United States, 6/05/17. https://doi.org/10.1145/3025453.3025926

Self-confidence trumps knowledge: A cross-cultural study of security behavior. / Sawaya, Yukiko; Sharif, Mahmood; Christin, Nicolas et al.
CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems: Explore, Innovate, Inspire. Association for Computing Machinery, 2017. p. 2202-2214 (Conference on Human Factors in Computing Systems - Proceedings; Vol. 2017-May).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Self-confidence trumps knowledge

T2 - 2017 ACM SIGCHI Conference on Human Factors in Computing Systems, CHI 2017

AU - Sawaya, Yukiko

AU - Sharif, Mahmood

AU - Christin, Nicolas

AU - Kubota, Ayumu

AU - Nakarai, Akihiro

AU - Yamada, Akira

PY - 2017/5/2

Y1 - 2017/5/2

N2 - Computer security tools usually provide universal solutions without taking user characteristics (origin, income level,⋯) into account. In this paper, we test the validity of using such universal security defenses, with a particular focus on culture. We apply the previously proposed Security Behavior Intentions Scale (SeBIS) to 3,500 participants from seven countries. We first translate the scale into seven languages while preserving its reliability and structure validity. We then build a regression model to study which factors affect participants' security behavior. We find that participants from different countries exhibit different behavior. For instance, participants from Asian countries, and especially Japan, tend to exhibit less secure behavior. Surprisingly to us, we also find that actual knowledge influences user behavior much less than user self-confidence in their computer security knowledge. Stated differently, what people think they know affects their security behavior more than what they do know. Copyright is held by the author/owner(s).

AB - Computer security tools usually provide universal solutions without taking user characteristics (origin, income level,⋯) into account. In this paper, we test the validity of using such universal security defenses, with a particular focus on culture. We apply the previously proposed Security Behavior Intentions Scale (SeBIS) to 3,500 participants from seven countries. We first translate the scale into seven languages while preserving its reliability and structure validity. We then build a regression model to study which factors affect participants' security behavior. We find that participants from different countries exhibit different behavior. For instance, participants from Asian countries, and especially Japan, tend to exhibit less secure behavior. Surprisingly to us, we also find that actual knowledge influences user behavior much less than user self-confidence in their computer security knowledge. Stated differently, what people think they know affects their security behavior more than what they do know. Copyright is held by the author/owner(s).

KW - Computer security

KW - Cross-cultural study

UR - http://www.scopus.com/inward/record.url?scp=85044846635&partnerID=8YFLogxK

U2 - 10.1145/3025453.3025926

DO - 10.1145/3025453.3025926

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:85044846635

T3 - Conference on Human Factors in Computing Systems - Proceedings

SP - 2202

EP - 2214

BT - CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems

PB - Association for Computing Machinery

Y2 - 6 May 2017 through 11 May 2017

ER -

Sawaya Y, Sharif M, Christin N, Kubota A, Nakarai A, Yamada A. Self-confidence trumps knowledge: A cross-cultural study of security behavior. In CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems: Explore, Innovate, Inspire. Association for Computing Machinery. 2017. p. 2202-2214. (Conference on Human Factors in Computing Systems - Proceedings). doi: 10.1145/3025453.3025926

Self-confidence trumps knowledge: A cross-cultural study of security behavior

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this