Cybersecurity attacks have increased as Internet technology has proliferated. Symantec’s 2013 Internet Security Report stated that two out of the top three causes of data breaches in 2012 were attributable to human error (Pelgrin, 2014). This suggests a need to educate end users so that they engage in behaviors that increase their cybersecurity. This study researched how a user’s knowledge affects their engagement in security behaviors. Security behaviors were operationalized into two categories: cyber hygiene and threat response behaviors. A sample of 194 San José State University students were recruited to participate in an observational study. Students completed a card sort, a semantic knowledge quiz, and a survey of their intention to perform security behaviors. A personality inventory was included to see if there would be any effects of personality on security behaviors. Multiple regression was used to see how card sorting and semantic knowledge quiz scores predicted security behaviors, but the results were not significant. Despite this, there was a correlation between cyber hygiene behaviors and threat response behaviors, as well as the Big Five personality traits. The results showed that many of the Big Five personality traits correlated with each other, which is consistent with other studies’ findings. The only personality trait that had a correlation with one of the knowledge measures was neuroticism, in which neuroticism had a negative correlation with the semantic knowledge quiz. Implications for future research are discussed to understand how knowledge, cyber hygiene behaviors, and threat response behaviors relate.
"Investigation of Attitudes Towards Security Behaviors,"
McNair Research Journal SJSU: Vol. 14
, Article 10.