BYOD Security: Using Dual Process Theory to Adapt Effective Security Habits in BYOD

Bring Your Own Device (BYOD) culture has evolved rapidly in the past years. However, with the increased mobile device usage at home and work environments, security and privacy risks have also increased. Malware, social engineering and phishing threats have been adapted to the new technology in order to infiltrate and take control over these personal devices. With human error being the root cause of most successful BYOD attacks, this study looks at applying a psychological perspective to shed light on this issue by applying Dual Process Theory (DPT) and investigating which System of Thinking is more effective in making healthy cyber security decisions. A quantitative study using a within-subjects group method completed a two-paradigm phishing email sorting task. The results showed that system-1 and system-2 thinking did not have significantly different results. This indicates that new security measures focusing on both system-1 and system-2 thinking should be developed to improve BYOD security habits. Individuals should be given more training and/or spend more time analysing security threats in order to maintain effective BYOD cyber-security practices. This study hopes to encourage future research in order to help develop psychologically backed methods to improve BYOD security.