The main research hypothesis in this project is that there exists a rigorous choice architecture, which will nudge decision-makers to make demonstrably better information security decisions.
The research is divided up into the following research objectives:
- Provide an in-depth understanding of the psychological phenomena that dictates security behaviour that is relevant for data loss protection in consumerization, for all relevant parties (CISOs, IT administrators and employees).
- Develop the foundations for a choice architecture based on rigorous underlying assessment techniques (measurement, experimental evidence or models), which exposes explicitly the impact of uncertainty and optimizes for the value of rigour.
- Design and implement a set of stealth tools that implement the choice architecture and steer the decision-making to "better" decisions.
- Experimentally evaluate the improvements that the choice architecture delivers in decision-making for data loss protection in consumerization.