Applying Norms and Sanctions to Promote Cybersecurity Hygiene
| Title | Applying Norms and Sanctions to Promote Cybersecurity Hygiene |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Shubham Goyal, Nirav Ajmeri, Munindar P. Singh |
| Conference Name | Proceedings of the 18th International Conference on Autonomous Agents and MultiAgent Systems (AAMAS) |
| Publisher | IFAAMAS |
| Conference Location | Montréal |
| Keywords | 2019: April, NCSU, Policy-Governed Secure Collaboration |
| Abstract | Many cybersecurity breaches occur due to users not following security regulations, chief among them regulations pertaining to what might be termed hygiene---including applying software patches to operating systems, updating software applications, and maintaining strong passwords. We capture cybersecurity expectations on users as norms. We empirically investigate sanctioning mechanisms in promoting compliance with those norms as well as the detrimental effect of sanctions on the ability of users to complete their work. We do so by developing a game that emulates the decision making of workers in a research lab. We find that relative to group sanctions, individual sanctions are more effective in achieving compliance and less detrimental on the ability of users to complete their work. |
| Notes | Extended abstract |
| Citation Key | AAMAS-19:Sanctions |