Using behavioural insights to improve the public’s use of cyber security best practices

Lynne Coventry, Pamela Briggs, John Blythe, Minh Tran

Research output: Book/ReportCommissioned reportpeer-review

20 Downloads (Pure)


The aim of this project was to apply social and behavioural insights to cyber security challenges to answer the following questions: - What behaviours should people display to reduce their vulnerability to cyber-security attacks? - Why do people not behave securely online? - What can theories of behaviour tell us about how to effectively influence behaviour? - What is the role of communication campaigns in changing behaviour? - How can interventions be designed to motivate appropriate cyber-security behaviour? To achieve this, we adopted a Rapid Evidence Assessment of the literature on cybersecurity behaviours and interventions. We drew on the existing literature from science communication, health, social and organisational psychology and cyber security. We then carried out a brief email Delphi with experts in Cyber Security. We used this study to get expert opinion on the conclusions we had drawn from the literature. It should be noted that research into human aspects of cyber-security is piecemeal and nonsystematic. It relies heavily on self reported behaviours and beliefs which are not always reliable. Actual experimental studies have limitations of small sample size and homogenous, mainly student, populations. It is also worth noting that the rate of change of technology and uptake of the internet makes it difficult to draw conclusions from older research. However, suffice to say, there is sufficient evidence to say there is room for improvement in people’s cyber-security related behaviours.
Original languageEnglish
PublisherGovernment Office for Science
Number of pages20
Publication statusPublished - 8 May 2014


Dive into the research topics of 'Using behavioural insights to improve the public’s use of cyber security best practices'. Together they form a unique fingerprint.

Cite this