The Community for Technology Leaders
Green Image
Issue No. 05 - Sept.-Oct. (2016 vol. 18)
ISSN: 1520-9202
pp: 26-32
Brian Stanton , US National Institute of Standards and Technology
Mary F. Theofanos , US National Institute of Standards and Technology
Sandra Spickard Prettyman , Independent Consultant
Susanne Furman , US National Institute of Standards and Technology
ABSTRACT
Security fatigue has been used to describe experiences with online security. This study identifies the affective manifestations resulting from decision fatigue and the role it plays in users' security decisions. A semistructured interview protocol was used to collect data (N = 40). Interview questions addressed online activities; computer security perceptions; and the knowledge and use of security icons, tools, and terminology. Qualitative data techniques were used to code and analyze the data identifying security fatigue and contributing factors, symptoms, and outcomes of fatigue. Although fatigue was not directly part of the interview protocol, more than half of the participants alluded to fatigue in their interviews. Participants expressed a sense of resignation, loss of control, fatalism, risk minimization, and decision avoidance, all characteristics of security fatigue. The authors found that the security fatigue users experience contributes to their cost-benefit analyses in how to incorporate security practices and reinforces their ideas of lack of benefit for following security advice.
INDEX TERMS
Computer security, Privacy, Online services, Decision making, Performance evaluation,cybercrime, user-centered design, security and privacy protection, usability testing
CITATION
Brian Stanton, Mary F. Theofanos, Sandra Spickard Prettyman, Susanne Furman, "Security Fatigue", IT Professional, vol. 18, no. , pp. 26-32, Sept.-Oct. 2016, doi:10.1109/MITP.2016.84
223 ms
(Ver 3.3 (11022016))