How Are Czech Individuals Willing to Protect Themselves: A Comparison of Cyber and Physical Realms

Kleiner, Jan; Drmola, Jakub; Mares, Miroslav

doi:10.5604/01.3001.0016.1322

Artykuł - szczegóły

Tytuł artykułu

How Are Czech Individuals Willing to Protect Themselves: A Comparison of Cyber and Physical Realms

Autorzy

Kleiner Jan , Drmola Jakub , Mares Miroslav

Treść / Zawartość

Pełne teksty:

Pobierz

Identyfikatory

DOI

10.5604/01.3001.0016.1322

Warianty tytułu

Języki publikacji

Abstrakty

Endpoint users are usually viewed as the highest-risk element in the field of cybersecurity. At the same time, they need to be protected not just from the individual-level prism but also, from the state’s perspective, to counter threats like botnets that harvest weakly secured endpoints and forge an army of so-called zombies that are often used to attack critical infrastructure or other systems vital to the state. Measures aimed at citizens like the Israeli hotline for cybersecurity incidents or Estonian educational efforts have already started to be implemented. However, little effort is made to understand the recipients of such measures. Our study uses the survey method to partly fill this gap and investigate how endpoint users (citizens) are willing to protect themselves against cyber threats. To make results more valid, a unique comparison was made between cyber threats and physical threats according to the impact which they had. The results show statistically significant differences between comparable cyber-physical pairs indicating that a large portion of the sample was not able to assess the threat environment appropriately and that state intervention with fitting countermeasures is required. The resultant matrix containing frequencies of answers denotes what portion of respondents are willing to invest a certain amount of time and money into countering given threats, this enables the possible identification of weak points where state investment is needed most.

Słowa kluczowe

cyber-physical comparison cybersecurity survey

porównanie cyber-fizyczne cyberbezpieczeństwo ankieta

Wydawca

NASK – National Research Institute

Czasopismo

Applied Cybersecurity & Internet Governance

Rocznik

2022

Tom

Vol. 1, No. 1

Strony

1--14

Opis fizyczny

Bibliogr. 29 poz., tab.

Twórcy

autor

Kleiner Jan

Department of Political Science, Faculty of Social Studies, Masaryk University, Brno, Czech Republic

https://orcid.org/0000-0001-9950-410X

autor

Drmola Jakub

Department of Political Science, Faculty of Social Studies, Masaryk University, Brno, Czech Republic

https://orcid.org/0000-0003-4275-2115

autor

Mares Miroslav

mmares@fss.muni.cz

Department of Political Science, Faculty of Social Studies, Masaryk University, Brno, Czech Republic

https://orcid.org/0000-0002-7102-3205

Bibliografia

1. KnowBe4, Security Awareness Training [Online]. Available: https://www.knowbe4.com/en/products/enterprise-security-awareness-training/. [Accessed: Mar. 30, 2020].
2. Z. Yan, T. Robertson, R. Yan, S. YonPark, S. Bordoff et al., “Finding the weakest links in the weakest link: How well do undergraduate students make cybersecurity judgment?,” Computers in Human Behavior, vol. 84, pp. 375–382, 2018, doi: 10.1016/j.chb.2018.02.019.
3. BBC. (2018, Oct. 5). Weak passwords banned in California from 2020 [Online]. Available: https://www.bbc.com/news/technology-45757528. [Accessed: Nov. 3, 2022].
4. E. Dreyfuss. (2018, Oct. 6). A Good Password Law, Hardware Hacks, and More Security News This Week [Online]. Available: https://www.wired.com/story/security-news-this-week-good-news-california-bansbad-default-passwords/. [Accessed: Nov. 3, 2022].
5. Williams D. (2019, Feb. 18). Israeli cyber-hotline offers help for the hacked, Reuters [Online]. Available: https://www.reuters.com/article/us-cyber-israel-hotline-idUSKCN1Q70K1. [Accessed: Nov. 3, 2022].
6. B. Willemsen and M. Cadee, “Extending the airport boundary: Connecting physical security and cybersecurity,” Journal of Airport Management, vol. 12, no. 3, pp. 236–247, 2018.
7. J. Kävrestad, M. Gellerstedt, M. Nohlberg, and J. Rambusch, “Survey of Users’ Willingness to Adopt and Pay for Cybersecurity Training,” in Human Aspects of Information Security and Assurance: 16th IFIP WG 11.12 International Symposium, HAISA 2022, Greece, N. Clarke, S. Furnell, Eds. Cham: Springer, 2022, pp. 14–23. doi: 10.1007/978-3-031-12172-2_2.
8. S. M Furman, M. F. Theofanos, Y. Choong, B. Stanton, “Basing Cybersecurity Training on User Perceptions,” IEEE Computer and Reliability Societies, vol. 10, no. 2, pp. 40–49, 2012, doi: 10.1109/MSP.2011.180.
9. S. Bauman, M. L. Newman, “Testing assumptions about cyberbullying: Perceived distress associated with acts of conventional and cyber bullying,” Psychology of Violence, vol. 3, no. 1, pp. 27–38, 2013, doi: 1037/a0029867.
10. M. Fagan, M. M. H. Khan, “To Follow or Not to Follow: A Study of User Motivations around Cybersecurity Advice,” IEEE Computer Society, vol. 22, no. 5, pp. 25–34, 2018, doi: 10.1109/MIC.2017.3301619.
11. N. C. Schaeffer, S. Presser, “The Science of Asking Questions,” Annual Review of Sociology, vol. 29, pp. 65–88, 2003, doi: 10.1146/annurev.soc.29.110702.110112.
12. J. Bourke, A. Kirby, and J. Doran, Survey and Questionnaire Design. Ireland: Oak Tree Press, 2016.
13. F. J. Fowler and T. W. Mangione, Standardized Survey Interviewing: Minimising Interviewer-Related Error. Newbury Park, CA: Sage Publications, 1990.
14. J. Kleiner. (2016). “Analýza kybernetických hrozeb eGovernmentu a jejich rizik pro ČR” [Online]. Available: https://is.muni.cz/th/inn08/KLEINER_Analyza_horzeb_eGovernmentu_a_jejich_rizik_pro_CR.pdf. [Accessed: Nov. 7, 2022].
15. P. Zeman, Česká bezpečnostní terminologie: výklad základních pojmů. Brno: Masaryk University, 2002.
16. Techopedia. (2022, Apr. 25). Definition – What Does Cyberthreat Mean? [Online]. Available: https://www.techopedia.com/definition/25263/cyberthreat. [Accessed: Nov. 7, 2022].
17. Merriam-Webster, Definition of physical [Online]. Available: https://www.merriam-webster.com/dictionary/physical. [Accessed: Nov. 8, 2022].
18. E. P. Cox, “The optimal number of response alternatives for a scale: a review,” Journal of Marketing Research, vol. 17, no. 4, pp. 407–422, 1980, doi: 10.1177/002224378001700401.
19. Český statistický úřad. (2019). Průměrné mzdy – 1. čtvrtletí 2019” [Online]. Available: https://www.czso.cz/csu/czso/cri/prumerne-mzdy-1-ctvrtleti-2019. [Accessed: Nov. 7, 2022].
20. Czech Republic. (2009). Zákon č. 40/2009 Sb. Zákon trestní zákoník 2009 [Online]. https://www.zakonyprolidi.cz/cs/2009-40/zneni-20220901. [Accessed: Nov. 7, 2022].
21. W. Chai. (2022). Definition: confidentiality, integrity, and availability (CIA triad) [Online]. Available: https://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA. [Accessed: Nov. 7, 2022].
22. Google, Tipy, jak zajistit větší online bezpečnost [Online]. Available: https://safety.google/intl/cs/security/security-tips/. [Accessed: Nov. 7, 2022].
23. UC Berkeley, Top 10 Secure Computing Tips [Online]. Available: https://security.berkeley.edu/resources/best-practices-how-to-articles/top-10-secure-computing-tips. [Accessed: Nov. 7, 2022].
24. J. Kleiner. (2020). Kybernetická bezpečnost koncových uživatelů v ČR a jejich ochota se zabezpečit [Online]. Available: https://is.muni.cz/th/xsa0b/Kleiner_DP_Kyberbezpecnost_koncovych_uzivatelu_Archive.pdf. [Accessed: Nov. 7, 2022].
25. Visions of Humanity. (2020). Global Peace Index 2020 [Online]. Available: https://www.visionofhumanity.org/maps/#//. [Accessed: Nov. 7, 2022].
26. D. Schimmer. (2019). Statistika kyberkriminality [Online]. Available: https://www.policie.cz/clanek/statistika-kyberkriminality.aspx. [Accessed: Nov. 8, 2022].
27. T. A. Tunggal. (2020, June 1). The 36 Biggest Data Breaches [Online]. Available: https://www.upguard.com/blog/biggest-data-breaches. [Accessed: Nov. 8, 2022].
28. R. H. Thaler and C. R. Sunstein, Nudge: Improving decisions about health, wealth, and happiness. New Heaven: Yale University Press, 2008.
29. K. Olmstead, A. Smith, (2017, Mar. 22). What the Public Knows About Cybersecurity [Online]. Available: https://www.pewresearch.org/internet/2017/03/22/what-the-public-knows-about-cybersecurity/. [Accessed: Nov. 8, 2022].

Uwagi

Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).

Typ dokumentu

Bibliografia

Identyfikator YADDA

bwmeta1.element.baztech-782c9f97-7fa0-422a-bd06-5ab19b6fee77