An informed argument using diffusion of innovations theory on the uptake of four different security behaviours
Abstract
Security behaviour has been researched from a variety of theoretical lenses, however a clear picture on the factors that foster secure behaviour is still missing. This contribution uses the diffusion of innovations theory and applies it to four exemplary security behaviours to identify how it can explain the uptake of each behaviour. In contrast to many other approaches, it focuses on the behaviour itself, not the behaving individual. We are able to show differences in the uptake of idealized security behaviours. A perceived relative advantage positively impacts the uptake of a behaviour, however this advantage seems rarely to be motivated by a perceived risk. Risk only seems to play a minor role for the diffusion of security behaviours. Additionally, the relative advantage does not seem to be a necessity for the diffusion of a behaviour. If the other properties namely compatibility, triability, observability, and low complexity of a behaviour are adequately fulfilled a successful diffusion is still possible.
