Kaspersky’s latest white paper, in partnership with Associate Professor Jiow Hee Jhee of the Singapore Institute of Technology, presents an understanding of the motivational drivers that influence individuals’ behaviours towards certain cybersecurity issues. The survey was conducted among educators across India, Singapore, and the Philippines.
Driven by motivations to build a cyber-immune global community and to provide cybersecurity education for the next generation, the white paper outlines actionable insights for cyber-safe practices that educators in Asia can adopt. Across the three areas studied, coping appraisal is the strongest determinant for the respondents’ motivation to connect to secure Wi-Fi, open unknown links, and adopt strong passwords. Coping appraisal refers to one’s assessment of the efficacy of a behavioral response to a threat, the degree of difficulty in enacting the response, and the costs associated with carrying out that response.
In essence, the study revealed that respondents who had a significant understanding of the negative consequences of practicing poor cyber hygiene were more likely to adopt positive online behaviors. This essentially meant that the strongest motivator to practice cybersecurity is based on an individual’s ability to mitigate or prevent a potential threat and their capacity to carry out a recommended response. Interestingly, age, gender and educational levels had no impact on the results.
Coping appraisal, or adaptive response, includes an individual’s consideration of how a recommended behavior can prevent or reduce possible harm (response efficacy) and whether that person can accomplish that recommended protective response (self-efficacy). An example of perceived response efficacy would be the belief that using secured Wi-Fi networks will stop cyber intrusions into an individual’s digital device.
Whereas for self-efficacy, an example would be the capability of dealing with suspicious emails, whether an individual would open unknown links or attachments. It was also found that when individuals understand that perpetrators can perform nefarious operations on their devices, they will likely connect to a secure Wi-Fi network. Four in five of the respondents shared that they would connect to a secure network when they realised the negative consequences of using an insecure Wi-Fi connection. 75% believe that they could prevent cyber intrusions if they used a secure Wi-Fi connection.
Similarly, the majority of the respondents (90%) agreed they could introduce malware into their digital devices if they open links or attachments from unknown sources. As a preventive measure, 85% shared that they could prevent cyber intrusions into their digital devices by not opening links or attachments from suspicious sources.
With regards to adopting strong passwords, one of the most common cyber hygiene best practices, 6 out of 10 would adopt a complex password if they received instructions on how to make them memorable.
“Our study shows that it is important for users of the cyber world to be educated on the severity of the consequences as well as the vulnerability of being victims. More importantly, we must be able to encourage and support users in ways they can manage (and cope with) the protective measures, so as to foster their cyber resilience,” commented Associate Professor Jiow Hee Jhee of the Singapore Institute of Technology.
Based on these observed patterns of online behaviours linked to safety and security, it can be inferred that positive messaging can significantly influence behaviour change, complemented by an understanding of the cyber threats they face.
· Framing and designing cybersecurity messages intended to change behaviour should highlight what one can do – and that one can do it confidently – to address cybersecurity issues and threats. The recommended actions should underscore how effective they are in preventing or mitigating these threats. Empowering messages should be salient and relatable.
· Learning about cyber threats and their consequences enables them to make informed decisions. However, when creating persuasive messages in this context, focus on how they can prevent, respond to, and overcome these threats rather than appealing to fear.
· Changing their pre-existing attitudes would require leveraging their tendency to protect themselves from harm. In this study, protecting means having the ability to take precautionary measures that they assessed to be effective.
Learning cybersecurity: What motivates individuals to practice online safety is a white paper by Kaspersky and Associate Professor Jiow Hee Jhee which aims to examine the motivational drivers influencing individuals’ behaviours online using the Protection Motivation Theory (PMT).
PMT is a framework used to examine the factors that influence individual behaviours towards a potential threat. The model explains why people adopt or reject a suggested behaviour after a thorough assessment of a threat, risk, vulnerability, and/or their ability to engage in protective behaviours and the cost attached to it. Adopting the PMT, the paper seeks to understand the motivational drivers that influence behaviours towards certain cybersecurity issues, particularly on connecting to a secure internet connection, dealing with suspicious links and attachments, and adopting strong passwords.
“These findings underscore the importance of comprehending the importance of negative consequences of unsafe online behaviours and how it impacts future cybersecurity practices. As digitalisation accelerates and redefines the future, our activities and decisions online will drastically affect our lives. Cybersecurity education remains relevant and an utmost priority,” said Evgeniya Russkikh, Head of Cybersecurity Education at Kaspersky.
Moreover, this research draws our attention to the value of providing more cybersecurity training to teachers as they play a critical role in transferring cyber hygiene skills to the next generation,” she added.
To keep yourself safe online, ensure good cyber hygiene:
1. Develop regular routines and habits. Ensure you are practising cyber hygiene regularly by building a routine. Set reminders for routine housekeeping such as updating your devices and software, scanning for viruses, and updating your passwords.
2. Consider using the right tools to protect yourself. A comprehensive cyber security solution or VPN solution can protect you against several types of cyberattacks.
3. Think before you do. Remember what we do and post online are often irreversible.