Impact of digital nudging on information security behavior: An experimental study on framing and priming in cybersecurity

Author

Kavya SHARMA
Xinhui ZHAN
Fiona Fui-hoon NAH, Singapore Management UniversityFollow
Keng SIAU, Singapore Management UniversityFollow
Maggie X. CHENG

Publication Type

Journal Article

Version

publishedVersion

Publication Date

10-2021

Abstract

Purpose: Phishing attacks are the most common cyber threats targeted at users. Digital nudging in the form of framing and priming may reduce user susceptibility to phishing. This research focuses on two types of digital nudging, framing and priming, and examines the impact of framing and priming on users' behavior (i.e. action) in a cybersecurity setting. It draws on prospect theory, instance-based learning theory and dual-process theory to generate the research hypotheses. Design/methodology/approach: A 3 × 2 experimental study was carried out to test the hypotheses. The experiment consisted of three levels for framing (i.e. no framing, negative framing and positive framing) and two levels for priming (i.e. with and without priming). Findings: The findings suggest that priming users to information security risks reduces their risk-taking behavior, whereas positive and negative framing of information security messages regarding potential consequences of the available choices do not change users' behavior. The results also indicate that risk-averse cybersecurity behavior is associated with greater confidence with the action, greater perceived severity of cybersecurity risks, lower perceived susceptibility to cybersecurity risks resulting from the action and lower trust in the download link. Originality/value: This research shows that digital nudging in the form of priming is an effective way to reduce users' exposure to cybersecurity risks.

Keywords

Cybersecurity, framing, priming, digital nudging, information security, user behavior

Discipline

Databases and Information Systems | Information Security

Research Areas

Data Science and Engineering

Publication

Organizational Cybersecurity Journal

Volume

19

Issue

1

First Page

69

Last Page

91

ISSN

2635-0270

Identifier

10.1108/OCJ-03-2021-0009

Publisher

Emerald

Citation

SHARMA, Kavya; ZHAN, Xinhui; NAH, Fiona Fui-hoon; SIAU, Keng; and CHENG, Maggie X.. Impact of digital nudging on information security behavior: An experimental study on framing and priming in cybersecurity. (2021). Organizational Cybersecurity Journal. 19, (1), 69-91.
Available at: https://ink.library.smu.edu.sg/sis_research/9526

Copyright Owner and License

Author-CC-BY

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1108/ocj-03-2021-0009