Publication Date

Spring 2016

Degree Type


Degree Name

Master of Arts (MA)




David Schuster


Complacency, Cyber Security, Trust

Subject Areas

Experimental psychology; Psychology; Cognitive psychology


Improved understanding of conditions that foster appropriate use of security tools by cyber security professionals is crucial for protecting companies from financial losses. Trust has been an important topic in the literature because of its role in allowing for cooperation among humans and automation and because of its relationship with appropriate use. The current study aimed to extend the finding that high trust leads to complacency in the domain of cyber security and to clarify a discrepancy in the literature about complacency’s operationalization by measuring information sampling behaviors directly. The sample consisted of 101 first year psychology students. The independent variable was the reliability of an intrusion detection system (IDS), and complacency and self-report trust were dependent measures. Trust was measured by a self-report questionnaire (Jian et al., 2000). Complacency was measured by reverse coding the number of clicks used to drill down for information in log files in a simulated IDS. Information sampling behavior provides a more direct and accurate measure of complacency than previously used performance measures. It was hypothesized that when supervising an IDS, high reliability of the IDS would lead to complacency, and trust with automation would mediate this relationship. Although reliability was found to predict both trust and complacency, the mediation was not supported. Results suggest new considerations in measuring trust in laboratory and field settings.