Abstract
Mental Models, informal representations of reality, provide an appealing explanation for the apparently non-rational decisions of users. Although users may be attempting to make secure decisions, the use of incomplete or incorrect information security mental models as a shortcut to decision making may lead to undesirable results. We describe mental models of Viruses and Hackers drawing on data from a survey of 609 adult computer users and link these to security behaviours and perceptions. We find that there are potentially just a small number of common security beliefs and suggest that accommodating these mental models during security design may be more beneficial to long-term security than expecting users to change to accommodate security requirements.
Recommended Citation
Thompson, Nik and Mcgill, Tanya, "Mining the Mind – Applying Quantitative Techniques to Understand Mental Models of Security" (2017). ACIS 2017 Proceedings. 50.
https://aisel.aisnet.org/acis2017/50