9:55am - 10:45am
Ballroom 1 and 2
The continued susceptibility of end users to cybersecurity attacks suggests an incomplete understanding of why some people ignore security advice and neglect using best practices or tools to prevent threats. A more detailed and nuanced approach can more accurately help target security interventions for end users according to their stage of intentional security behavior change. In this talk, you will learn about the Transtheoretical Model (TTM) of Behavior Change for use in a cybersecurity design context as part of a larger reframing of information privacy and security as a crisis of public health. You will view a visual diagram of six TTM Stages of Change and associated intervention strategies, as adapted from medical and wellness literature for use in encouraging exercise, sobriety and smoking cessation. These strategies will be related to examples of security interventions currently in use, such as password strength indicators and Facebook trusted contacts. This public health framing can help researchers and practitioners approach “wicked problems” of usable privacy and security, including false news and disinformation that are not “tame” or one-and-done engineering problems but social conditions that call for sustained, empowered action.