Safety at What Cost?

Introduction

“Cyberattacks, cyber threats, and attitudes toward cybersecurity policies” (Snider, Shandler, Zandani, & Canetti, 2021) focuses on a non-technical, human centered question in cybersecurity: How much are regular people willing to give up their freedom and privacy when they feel threatened by a cyberattack? The authors specifically studied the public’s “willingness to accept government cybersecurity policies that limit personal civil liberties and privacy” (Snider et al., 2021, p. 1). This review breaks down the research methods, how the study connects to social sciences, and what its overall meaning is for society and policy.

Social Sciences Principals

This research falls under the fields of Political Psychology and Political Science. The study is built on ideas from research on terrorism and political violence, but applied to the digital world. By looking at threat perception, the psychological feeling of danger, the authors analyze how this feeling changes a person’s willingness to support new policies. Essentially, supporting a new cybersecurity law as a political choice is driven by emotions and how people think and risks, not just technical facts.

Research Question, Hypotheses, and Variables

The main goal of the study was to figure out how different types of cyberattacks affect what the public thinks about security laws. The central research question was: Does being exposed to different kinds of cyberattacks change how much people support specific security policies, and does this change happen because their perception of the threat increases?

The authors tested two main hypotheses. Hypothesis 1 suggested that anyone exposed to a cyberattack scenario would support security policies more strongly than people who saw no attack. Hypothesis 2 argued that people who saw the lethal attacks would show more support for security policies overall than those who only say the nonlethal ones.

The key independent variable they controlled was split into three experimental groups. First, lethal cyberattack where the attack caused physical harm or death. Second is nonlethal cyberattack, where the attack caused financial loss or data theft. The final group is a control group which saw nothing. They also measured threat perception as a second independent variable to see if it was the reason why policy support changed. The main dependent variables were two types of policy support: Support for alerting policies, which are “policies that focus on alerting the public in cases of cyberattacks,” (p. 2), and support for oversight policies, which are “policies that call for oversight of cybersecurity,” (p. 2), meaning the government would actively monitor companies. 

Types of Research Methods Used

The researchers used a method called controlled randomized survey experiment with 1,022 Israeli participants (Snider et al., 2021, p. 4). The experiment involved showing participants “scripted, simulated television news reports” that described either the lethal or nonlethal cyberattack scenario (p. 4). This technique allowed the researchers to keep the information consistent and isolate the single factor they were testing to prove it was the direct cause of the changes in people’s attitudes.

Types of Data Analysis Done

The study gathered quantitative data through surveys where participants rated their attitudes on scales (Snider et al., 2021, p. 5). THis data included threat perception scores and policy support levels. The main statistical tool used was regression analysis, which included mediation analysis. THe analysis found that people support different policies depending on the attack they saw: lethal exposure led to much higher support for alerting policies, while non lethal exposure increased support for oversight policies (p.6). Relations to Class

The entire study focuses on human factors from module 4, which looks at how human behavior affects systems. The concept of Psyber Security can be tied in, as the researchers used psychological tools to measure threat perception and predict political actions (Snider et al., 2021). The research premise also rests on the scientific principle of determinism from module 2, which suggests that human choices are influenced by what happened before. 

Challenges, Concerns, and Contributions of Marginalized Groups

The study’s findings are important for groups who fight for civil liberties and privacy. When people feel highly threatened, they increase their support for “stringent and intrusive government cybersecurity regulations” (Snider et al., 2021, p. 7). Historically, these types of intrusive laves have often led to unfair targeting or surveillance of marginalized communities. The contribution of this research is that it helps advocates understand why the public is willing to give up rights during a crisis.

Conclusion

The study by Snider et al. (2021) is an important addition to the social science view of cybersecurity because it provides a link between the type of cyberattack and what the public wants from the government. By using a controlled experiment, the authors confirmed that threat perception is a crucial psychological factor driving policy choices. The researcher is important because it tells policymakers and advocates that public opinion is not simple. People’s willingness to sacrifice privacy for security is highly conditional on the perceived severity of the digital threat.

References

Snider, K. L. G., Shandler, R., Zandani, S., & Canetti, D. (2021). Cyberattacks, cyber threats, and attitudes toward cybersecurity policies. Journal of Cybersecurity, 7(1), 1-15. https://doi.org/10.1093/cybsec/tyab019