Abstract
A common theme across cybersecurity solutions is a lack of transparency for end-users. Our prototype, Cyber Hygiene Intelligence & Performance (CHIP), was purposefully designed to improve end users’ cyber hygiene and cyber situation awareness. We begin by addressing current cybersecurity training solutions, their inability to continuously impact user cyber hygiene and cyber situation awareness (CSA), and how end users’ needs for transparency are overlooked. We then illustrate the major stages of our design process for the medium-fidelity CHIP prototype, including defining, ideation, prototyping, and analysis. For each design stage, we describe our methodologies, major decision points, design considerations, and outcomes. We then highlight our between-groups survey experiment that measured cyber hygiene and CSA for an experimental group, who received CHIP notifications while completing web-based tasks, compared to a control group, who completed the same tasks without any notifications. Our findings show promise for a web application-based solution like CHIP to increase cyber hygiene and CSA for specific cyber threats.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Ng, B.Y., Xu, Y.: Studying users’ computer security behavior using the Health Belief Model. In: Pacific Asia Conference on Information Systems (PACIS) 2007 Proceedings, vol. 45, pp. 423–437 (2007)
Assante, M.J., Tobey, D.H.: Enhancing the cybersecurity workforce. IT Prof. 13(1), 12–15 (2011)
Aloul, F.A.: The need for effective information security awareness. J. Adv. Inf. Technol. 3(3), 176–183 (2012)
Nagarajan, A., Allbeck, J.M., Sood, A., Janssen, T.L.: Exploring game design for cybersecurity training. In: 2012 IEEE International Conference on Cyber Technology in Automation, Control, and Intelligent Systems (CYBER), pp. 256–262 (2012)
Cain, A.A., Edwards, M.E., Still, J.D.: An exploratory study of cyber hygiene behaviors and knowledge. J. Inf. Secur. Appl. 42, 36–45 (2018)
Carter, A.: The Department of Defense cyber strategy. The US Department of Defense, Washington, DC (2015). https://archive.defense.gov/home/features/2015/0415_cyber-strategy/final_2015_dod_cyber_strategy_for_web.pdf. Accessed 10 June 2021
Griffith, V., Jakobsson, M.: Messin’ with Texas deriving mother’s maiden names using public records. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) Applied Cryptography and Network Security, ACNS 2005, vol. 3531, pp. 91–103. Springer, Heidelberg (2005). https://doi.org/10.1007/11496137_7
Rabkin, A.: Personal knowledge questions for fallback authentication: security questions in the era of Facebook. In: Proceedings of the 4th Symposium on Usable Privacy and Security, pp. 13–23 (2008)
Sheng, S., Holbrook, M., Kumaraguru, P., Cranor, L.F., Downs, J.: Who falls for phish? A demographic analysis of phishing susceptibility and effectiveness of interventions. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 373–382 (2010)
Malkin, N., Mathur, A., Harbach, M., Egelman, S.: Personalized security messaging: nudges for compliance with browser warnings. In: 2nd European Workshop on Usable Security. Internet Society (2017)
Harris, M.A., Patten, K., Regan, E.: The need for BYOD mobile device security awareness and training. In: Proceedings of the Nineteenth Americas Conference on Information Systems (2013)
Caldwell, T.: Training–the weakest link. Comput. Fraud Secur. 9, 8–14 (2012)
Franke, U., Brynielsson, J.: Cyber situational awareness – a systematic review of the literature. Comput. Secur. 46, 18–31 (2014)
Hutchins, E.M., Cloppert, M.J., Amin, R.M.: Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues Inf. Warfare Secur. Res. 1(1), 113–125 (2011)
Denis, C., Karsenty, L.: Inter-usability of multi-device systems: a conceptual framework. In: Multiple User Interfaces: Cross-Platform Applications and Context-Aware Interfaces, pp. 373–384 (2004)
Google Chrome Developers: Extensions and apps in the chrome web store. https://developer.chrome.com/docs/webstore/apps_vs_extensions/. Accessed 9 June 2021
Rafailidis, D., Manolopoulos, Y.: Can virtual assistants produce recommendations? In: Proceedings of the 9th International Conference on Web Intelligence, Mining and Semantics, pp. 1–6 (2019)
Shneiderman, B.: Human-centered artificial intelligence: three fresh ideas. AIS Trans. Hum.-Comput. Interact. 12(3), 109–124 (2020)
Geiger, R.S.: Are computers merely “supporting” cooperative work?: towards an ethnography of bot development. In: Proceedings of the 2013 Conference on Computer Supported Cooperative Work Companion, pp. 51–56 (2013)
Friedman, V.: Privacy UX: Better notifications and permission requests. https://www.smashingmagazine.com/2019/04/privacy-better-notifications-ux-permission-requests/. Accessed 9 June 2021
MacKenzie, I.S.: Fitts’ law as a research and design tool in human-computer interaction. Hum.-Comput. Interact. 7(1), 91–139 (1992)
Proctor, R.W., Schneider, D.W.: Hick’s law for choice reaction time: a review. Q. J. Exp. Psychol. 71(6), 1281–1299 (2018)
Kivetz, R., Urminsky, O., Zheng, Y.: The goal-gradient hypothesis resurrected: purchase acceleration, illusionary goal progress, and customer retention. J. Mark. Res. 43(1), 39–58 (2006)
Endsley, M.R., Garland, D.J. (eds.): Situation Awareness Analysis and Measurement. CRC Press (2000)
Selcon, S.J., Taylor, R.M.: Evaluation of the situation awareness rating technique (SART) as a tool for aircrew systems design. Paper Presented at the AGARD AMP Symposium ‘Situational Awareness in Aerospace Operations’, Neuilly Sur Seine, France, pp. 23–52 (1990)
Acknowledgments
This work was supported in part by the Commonwealth Cyber Initiative, an investment in the advancement of cyber R&D, innovation and workforce development. For more information about CCI, visit cyberinitiative.org. We thank everyone at MI Technical Solutions for their involvement in identifying cyber hygiene concerns and technical constraints.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Mator, J.D., Still, J.D. (2021). Impact of the Cyber Hygiene Intelligence and Performance (CHIP) Interface on Cyber Situation Awareness and Cyber Hygiene. In: Stephanidis, C., et al. HCI International 2021 - Late Breaking Papers: Design and User Experience. HCII 2021. Lecture Notes in Computer Science(), vol 13094. Springer, Cham. https://doi.org/10.1007/978-3-030-90238-4_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-90238-4_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-90237-7
Online ISBN: 978-3-030-90238-4
eBook Packages: Computer ScienceComputer Science (R0)