Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

NIST study – Security Fatigue

Security Fatigue, Issue No. 05 – Sept.-Oct. (2016 vol. 18) ISSN: 1520-9202 pp: 26-32 DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2016.84

“Security fatigue has been used to describe experiences with online security. This study identifies the affective manifestations resulting from decision fatigue and the role it plays in users’ security decisions. A semistructured interview protocol was used to collect data (N = 40). Interview questions addressed online activities; computer security perceptions; and the knowledge and use of security icons, tools, and terminology. Qualitative data techniques were used to code and analyze the data identifying security fatigue and contributing factors, symptoms, and outcomes of fatigue. Although fatigue was not directly part of the interview protocol, more than half of the participants alluded to fatigue in their interviews. Participants expressed a sense of resignation, loss of control, fatalism, risk minimization, and decision avoidance, all characteristics of security fatigue. The authors found that the security fatigue users experience contributes to their cost-benefit analyses in how to incorporate security practices and reinforces their ideas of lack of benefit for following security advice.”

Sorry, comments are closed for this post.