Scoping the ethical principles of cybersecurity fear appeals

Marc Dupuis*, Karen Renaud

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

19 Downloads (Pure)

Abstract

Fear appeals are used in many domains. Cybersecurity researchers are also starting to experiment with fear appeals, many reporting positive outcomes. Yet there are ethical concerns related to the use of fear to motivate action. In this paper, we explore this aspect from the perspectives of cybersecurity fear appeal deployers and recipients. We commenced our investigation by considering fear appeals from three foundational ethical perspectives. We then consulted the two stakeholder groups to gain insights into the ethical concerns they consider to be pertinent. We first consulted deployers: (a) fear appeal researchers and (b) Chief Information Security Officers (CISOs), and then potential cybersecurity fear appeal recipients: members of a crowdsourcing platform. We used their responses to develop an effects-reasoning matrix, identifying the potential benefits and detriments of cybersecurity fear appeals for all stakeholders. Using these insights, we derived six ethical principles to guide cybersecurity fear appeal deployment. We then evaluated a snapshot of cybersecurity studies using the ethical principle lens. Our contribution is, first, a list of potential detriments that could result from the deployment of cybersecurity fear appeals and second, the set of six ethical principles to inform the deployment of such appeals. Both of these are intended to inform cybersecurity fear appeal design and deployment.
Original languageEnglish
Number of pages20
JournalEthics and Information Technology
Early online date20 Oct 2020
DOIs
Publication statusE-pub ahead of print - 20 Oct 2020

Fingerprint Dive into the research topics of 'Scoping the ethical principles of cybersecurity fear appeals'. Together they form a unique fingerprint.

Cite this