Konstantinos Mersinas
Cybersecurity behavior change: A conceptualization of ethical principles for behavioral interventions
Mersinas, Konstantinos; Bada, Maria; Furnell, Steven
Authors
Abstract
The importance of changing behaviors is gradually being acknowledged in cybersecurity, and the reason is the realization that a notable portion of security incidents have a human-related component. Thus, enhancing behaviors at individual level, can bring a significant reduction in security breaches overall. Behavior change refers to any modification of human behavior through some type of intervention. Interventions from behavioral economics and psychology are being increasingly introduced in the field, however, the ethics surrounding such interventions are largely neglected. In this paper, we raise the ethical issues associated with behavioral intervention approaches. We draw on the traditionally more mature field of biomedical ethics and propose six clusters of ethical principles suitable for cybersecurity behavior change. We conducted a survey (N = 141) to identify individuals’ perceptions on the proposed ethical principles and validate their perceived usefulness. We analyze an existing intervention in the light of our six-principle conceptualization to showcase how it can be used as a practical apparatus. Our set of ethical principles are aimed for cybersecurity professionals, policy makers, and behavioral intervention designers, and can serve as a starting point for best-practice development in cybersecurity behavior change ethics.
Citation
Mersinas, K., Bada, M., & Furnell, S. (2025). Cybersecurity behavior change: A conceptualization of ethical principles for behavioral interventions. Computers and Security, 148, Article 104025. https://doi.org/10.1016/j.cose.2024.104025
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Jul 25, 2024 |
| Online Publication Date | Aug 14, 2024 |
| Publication Date | Jan 1, 2025 |
| Deposit Date | Jul 26, 2024 |
| Publicly Available Date | Aug 15, 2026 |
| Journal | Computers and Security |
| Print ISSN | 0167-4048 |
| Electronic ISSN | 0167-4048 |
| Publisher | Elsevier |
| Peer Reviewed | Peer Reviewed |
| Volume | 148 |
| Article Number | 104025 |
| DOI | https://doi.org/10.1016/j.cose.2024.104025 |
| Keywords | Cybersecurity behavior change; behavioral interventions; ethics; autonomy; justice; nonmaleficence; beneficence; transparency; privacy |
| Public URL | https://nottingham-repository.worktribe.com/output/37603084 |
| Additional Information | This article is maintained by: Elsevier; Article Title: Cybersecurity Behavior Change: A conceptualization of Ethical Principles for Behavioral Interventions; Journal Title: Computers & Security; CrossRef DOI link to publisher maintained version: https://doi.org/10.1016/j.cose.2024.104025; Content Type: article; Copyright: © 2024 The Authors. Published by Elsevier Ltd. |
Files
1-s2.0-S0167404824003304-main
(1.2 Mb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by-nc-nd/4.0/
Copyright Statement
© 2024 The Authors. Published by Elsevier Ltd.
You might also like
Pre-Signature Scheme for Trustworthy Offline V2V Communication
(2023)
Presentation / Conference Contribution
Evaluation of Contextual and Game-Based Training for Phishing Detection
(2022)
Journal Article
Accessible authentication: Assessing the applicability for users with disabilities
(2021)
Journal Article
Developing a cyber security culture: Current practices and future needs
(2021)
Journal Article
An empirical analysis of the information security culture key factors framework
(2021)
Journal Article
Downloadable Citations
About Repository@Nottingham
Administrator e-mail: discovery-access-systems@nottingham.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search