Individual preferences in security risk decision making: an exploratory study under security professionals

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

6 Downloads (Pure)

Abstract

Risk assessments in the (cyber) security domain are often, if not always, based on subjective expert judgement. For the first time, to the best of our knowledge, the individual preferences of professionals from the security domain are studied. In on online survey they are asked to mention, rate and rank their preferences when assessing a security risk. The survey setup allows to differentiate between easily accessible or “on top of mind” attributes and guided or stimulated attributes. The security professionals are also challenged to both non-compensatory and compensatory decision making on the relevance of the attributes. The results of this explorative study indicate a clear difference and shift in the individual perceived relevance of attributes in these different settings. Another remarkable finding of this study is the predominant focus on impact attributes by the respondents and the less significant position of likelihood or probability. The majority of professionals seem to ignore likelihood in their security risk assessment. This might be due to so called probability neglect as introduced by other scholars. the security in organisations and society is depending on the assessment and judgement of these professionals, understanding their preferences and the influence of cognitive biases is paramount. This study contributes to this body of knowledge and might raise attention to this important topic in both the academic and professional security domain.
Original languageEnglish
Title of host publicationSafety and Security Engineering IX
EditorsGiorgio Passerini, Fabio Garzia, Mara Lombardi
PublisherWITPress
Pages187-199
Number of pages13
Volume206
ISBN (Electronic)978-178466443-5
DOIs
Publication statusPublished - 2021
Event9th International Conference on Safety and Security Engineering, SAFE 2021 - Virtual, Online, Italy
Duration: 9 Nov 202111 Nov 2021

Publication series

NameWIT Transactions on the Built Environment
Volume206
ISSN (Print)1743-3509
ISSN (Electronic)1746-4498

Conference

Conference9th International Conference on Safety and Security Engineering, SAFE 2021
Country/TerritoryItaly
CityVirtual, Online
Period9/11/2111/11/21

Keywords

  • Decision biases
  • Decision making
  • Preferences
  • Probability neglect
  • Risk management
  • Security risk assessment

Fingerprint

Dive into the research topics of 'Individual preferences in security risk decision making: an exploratory study under security professionals'. Together they form a unique fingerprint.

Cite this