How can persuasion reduce user cyber security vulnerabilities?

John Paul Vargheese, Matthew Collinson, Judith Masthoff

Research output: Contribution to conferenceUnpublished paperpeer-review


End users’ behaviour often leads to cyber security vulnerabilities. Recent studies investigating user error as a critical vulnerability within an organisation’s security have emphasised the need for closer consideration of human factors when designing and implementing security solutions. This has led to an increasing focus on usable security design principles that seek to inform, enable and assist users to perform tasks securely and appropriately respond to potential threats. These objectives are often reinforced through provision of user security training and information awareness campaigns. However, despite these eorts, end users remain the target for increasingly sophisticated cyber attacks. In this paper, we discuss recent studies that stress the need for greater attention to human factors and motivate the potential for behavioural change interventions to support cyber security. We review behavioural insights into possible causes of user non-compliance with cyber security best practice, cognitive biases that are related to these insecure behaviours and cyber security risk communication challenges and recommendations. We discuss how persuasion incorporated within cyber security risk communications could reduce user cyber security vulnerabilities and outline a proposed methodology for designing persuasive strategies for this purpose.

Original languageEnglish
Number of pages4
Publication statusPublished - 2018
Event2018 Convention of the Society for the Study of Artificial Intelligence and the Simulation of Behaviour, AISB 2018 - Liverpool, United Kingdom
Duration: 4 Apr 20186 Apr 2018


Conference2018 Convention of the Society for the Study of Artificial Intelligence and the Simulation of Behaviour, AISB 2018
Country/TerritoryUnited Kingdom


  • Behaviour change
  • Cyber Security
  • Human factors
  • Persuasive technology


Dive into the research topics of 'How can persuasion reduce user cyber security vulnerabilities?'. Together they form a unique fingerprint.

Cite this