Exploring Behavioural Strategies in Cyberinsurance Adoption

Yolanda Gómez; Dawn Branley-Bell; Pam Briggs; José Vila

doi:10.1145/3673805.3673816

Exploring Behavioural Strategies in Cyberinsurance Adoption

Yolanda Gómez, Dawn Branley-Bell, Pam Briggs, José Vila

Psychology Department

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

This study explores decision making around the purchase of cyberinsurance and the impact on cybersecurity behaviours. In an online experiment, involving 4,800 participants across four countries, we found that rational choice models fail to predict cybersecurity decisions. Specifically, individuals tend to opt for an overprotective cybersecurity strategy by ensuring higher protection levels and insurance coverage than expected utility theory would deem necessary. Two key implications are highlighted: Firstly, the need to focus on the human component of cybersecurity, and secondly, the need to develop behaviour-oriented interventions driven by theory and capable of accounting for the non-rational component of cybersecurity decision-making.

Original language	English
Title of host publication	Proceedings of European Conference on Cognitive Ergonomics 2024 (ECCE 2024)
Place of Publication	New York, US
Publisher	ACM
Pages	1-6
Number of pages	6
ISBN (Electronic)	9798400718243
DOIs	https://doi.org/10.1145/3673805.3673816
Publication status	Published - 8 Oct 2024
Event	ECCE 2024: European Conference on Cognitive Ergonomics: Contributing to a sustainable and participatory future - The Conservatoire national des arts et métiers (CNAM), Paris, France Duration: 8 Oct 2024 → 10 Oct 2024 https://www.ecce2024.telecom-paris.fr/

Conference

Conference	ECCE 2024: European Conference on Cognitive Ergonomics
Country/Territory	France
City	Paris
Period	8/10/24 → 10/10/24
Internet address	https://www.ecce2024.telecom-paris.fr/

Keywords

behavioral experiment
cyberinsurance
cybersecurity
moral hazard

Access to Document

10.1145/3673805.3673816

ECCEconference_submission_author accepted manuscriptAccepted author manuscript, 567 KB

Cite this

@inproceedings{a5fcbebeb2c84f0b9b2dcaaa557319f3,

title = "Exploring Behavioural Strategies in Cyberinsurance Adoption",

abstract = "This study explores decision making around the purchase of cyberinsurance and the impact on cybersecurity behaviours. In an online experiment, involving 4,800 participants across four countries, we found that rational choice models fail to predict cybersecurity decisions. Specifically, individuals tend to opt for an overprotective cybersecurity strategy by ensuring higher protection levels and insurance coverage than expected utility theory would deem necessary. Two key implications are highlighted: Firstly, the need to focus on the human component of cybersecurity, and secondly, the need to develop behaviour-oriented interventions driven by theory and capable of accounting for the non-rational component of cybersecurity decision-making.",

keywords = "behavioral experiment, cyberinsurance, cybersecurity, moral hazard",

author = "Yolanda G{\'o}mez and Dawn Branley-Bell and Pam Briggs and Jos{\'e} Vila",

year = "2024",

month = oct,

day = "8",

doi = "10.1145/3673805.3673816",

language = "English",

pages = "1--6",

booktitle = "Proceedings of European Conference on Cognitive Ergonomics 2024 (ECCE 2024)",

publisher = "ACM",

address = "United States",

note = "ECCE 2024: European Conference on Cognitive Ergonomics : Contributing to a sustainable and participatory future ; Conference date: 08-10-2024 Through 10-10-2024",

url = "https://www.ecce2024.telecom-paris.fr/",

}

TY - GEN

T1 - Exploring Behavioural Strategies in Cyberinsurance Adoption

AU - Gómez, Yolanda

AU - Branley-Bell, Dawn

AU - Briggs, Pam

AU - Vila, José

PY - 2024/10/8

Y1 - 2024/10/8

N2 - This study explores decision making around the purchase of cyberinsurance and the impact on cybersecurity behaviours. In an online experiment, involving 4,800 participants across four countries, we found that rational choice models fail to predict cybersecurity decisions. Specifically, individuals tend to opt for an overprotective cybersecurity strategy by ensuring higher protection levels and insurance coverage than expected utility theory would deem necessary. Two key implications are highlighted: Firstly, the need to focus on the human component of cybersecurity, and secondly, the need to develop behaviour-oriented interventions driven by theory and capable of accounting for the non-rational component of cybersecurity decision-making.

AB - This study explores decision making around the purchase of cyberinsurance and the impact on cybersecurity behaviours. In an online experiment, involving 4,800 participants across four countries, we found that rational choice models fail to predict cybersecurity decisions. Specifically, individuals tend to opt for an overprotective cybersecurity strategy by ensuring higher protection levels and insurance coverage than expected utility theory would deem necessary. Two key implications are highlighted: Firstly, the need to focus on the human component of cybersecurity, and secondly, the need to develop behaviour-oriented interventions driven by theory and capable of accounting for the non-rational component of cybersecurity decision-making.

KW - behavioral experiment

KW - cyberinsurance

KW - cybersecurity

KW - moral hazard

UR - http://www.scopus.com/inward/record.url?scp=85208548062&partnerID=8YFLogxK

U2 - 10.1145/3673805.3673816

DO - 10.1145/3673805.3673816

M3 - Conference contribution

SP - 1

EP - 6

BT - Proceedings of European Conference on Cognitive Ergonomics 2024 (ECCE 2024)

PB - ACM

CY - New York, US

T2 - ECCE 2024: European Conference on Cognitive Ergonomics

Y2 - 8 October 2024 through 10 October 2024

ER -

Exploring Behavioural Strategies in Cyberinsurance Adoption

Abstract

Conference

Keywords

Access to Document

Other files and links

Cite this