- Risk Management The Role of Rituals in Information Security
Security practices often function as rituals—painstaking steps we follow out of habit that provide a sense of control. Rituals reduce stress by overloading working memory, blocking intrusive...
- Malware Fear vs. Anxiety in Cybersecurity: What We Can Do
Fear involves specific threats that can be addressed through threat modeling, while anxiety is a diffuse reaction to abstract concerns that's harder to resolve. Much security FUD induces anxiety...
- Privacy Learn the Future of Privacy and Social Interactions from Teens
Adults see privacy as controlling what's made public—private by default. Teens think about what to exclude from being public—public by default. Understanding these emerging norms and teenagers'...
- Risk Management Could Regulatory Compliance Encourage Weaker Security?
Compliance replaces social norms with market exchanges—companies see fines as a "price" rather than feeling obligated to protect data. Like day care parents who arrived late more often after fines...
- Privacy Teens on Formspring Are Redefining Privacy Norms
Sites like Formspring encourage teens to answer personal questions that mirror password-reset security questions—favorite colors, restaurants, and pet names. As privacy norms change and more personal...
- Incident Response Could a Data Breach Actually Help the Affected Brand?
Research shows negative publicity can increase awareness for relatively unknown brands—negative book reviews increased sales for unknown authors. For breaches unrelated to a company's core purpose,...