@inproceedings{80869fbaac384d799f7052ed669a9a5b,
title = "Individual preferences in security risk decision making: an exploratory study under security professionals",
abstract = "Risk assessments in the (cyber) security domain are often, if not always, based on subjective expert judgement. For the first time, to the best of our knowledge, the individual preferences of professionals from the security domain are studied. In on online survey they are asked to mention, rate and rank their preferences when assessing a security risk. The survey setup allows to differentiate between easily accessible or “on top of mind” attributes and guided or stimulated attributes. The security professionals are also challenged to both non-compensatory and compensatory decision making on the relevance of the attributes. The results of this explorative study indicate a clear difference and shift in the individual perceived relevance of attributes in these different settings. Another remarkable finding of this study is the predominant focus on impact attributes by the respondents and the less significant position of likelihood or probability. The majority of professionals seem to ignore likelihood in their security risk assessment. This might be due to so called probability neglect as introduced by other scholars. the security in organisations and society is depending on the assessment and judgement of these professionals, understanding their preferences and the influence of cognitive biases is paramount. This study contributes to this body of knowledge and might raise attention to this important topic in both the academic and professional security domain.",
keywords = "Decision biases, Decision making, Preferences, Probability neglect, Risk management, Security risk assessment",
author = "{de Wit}, {Johan J.} and Wolter Pieters and {van Gelder}, {Pieter H.A.J.M.}",
year = "2021",
doi = "10.2495/SAFE210161",
language = "English",
volume = "206",
series = "WIT Transactions on the Built Environment",
publisher = "WITPress",
pages = "187--199",
editor = "Giorgio Passerini and Fabio Garzia and Mara Lombardi",
booktitle = "Safety and Security Engineering IX",
address = "United Kingdom",
note = "9th International Conference on Safety and Security Engineering, SAFE 2021 ; Conference date: 09-11-2021 Through 11-11-2021",
}