How Persistent is the Effect of Past Experiences on Cyber-Secure Behavior
SeriesPhD Lunch Seminars
LocationErasmus University Rotterdam, Mandeville T3-14
Date and time
March 23, 2022
12:00 - 12:45
Past experiences play a key role in risk prevention behavior. Experiencing a (simulated) phishing attack has been shown to decrease the likelihood to click on unsafe links and give away one’s password. In a large field experiment, involving 670 small and medium-sized enterprises, and their 33,000 employees, we measure the impact of experience on people’s ability to detect cyber security threats, and how persistent this impact is after several months. Furthermore, we collected company-level data and individual-level data, including risk and time preferences, as well as trust level. These additional data allowed us to study the determinants of learning from past experiences.