TY - GEN
T1 - Economic Incentives and Perceptions as Critical Factors for Understanding Insider Hacking Behavior
AU - Amo, Laura
AU - Gaia, Joana
AU - Murray, David
AU - Sanders, G. Lawrence
AU - Sanders, Sean
AU - Singh, Raghvendra
AU - Upadhyaya, Shambhu
N1 - Publisher Copyright:
© 2024 IEEE Computer Society. All rights reserved.
PY - 2024
Y1 - 2024
N2 - The objective of this research is to investigate the influence of interest in white hat capabilities, income levels, and perceptions of being apprehended on the willingness to violate privacy regulations as measured by the amount of money required to violate medical privacy. The research model was developed by drawing on the economics of crime literature, prospect theory and the emerging Capability, Opportunity, and Motivation Behavior model. This study involved 523 individuals on the cusp of entering the workforce, which places them all as potential insider hackers according to zero trust models of insider behavior. Despite many subjects believing there is a high probability of being caught, they could still be incentivized to violate HIPAA laws. Approximately 306 (or 58%) of the survey participants indicated a price, ranging from zero dollars to over $10 million, that they deemed acceptable for violating HIPAA laws. Income levels, white hat hacking capabilities, monetary incentives to commit a crime, and the perceived probability of being apprehended were statistically significant predictors of the amount of money required to violate HIPAA laws.
AB - The objective of this research is to investigate the influence of interest in white hat capabilities, income levels, and perceptions of being apprehended on the willingness to violate privacy regulations as measured by the amount of money required to violate medical privacy. The research model was developed by drawing on the economics of crime literature, prospect theory and the emerging Capability, Opportunity, and Motivation Behavior model. This study involved 523 individuals on the cusp of entering the workforce, which places them all as potential insider hackers according to zero trust models of insider behavior. Despite many subjects believing there is a high probability of being caught, they could still be incentivized to violate HIPAA laws. Approximately 306 (or 58%) of the survey participants indicated a price, ranging from zero dollars to over $10 million, that they deemed acceptable for violating HIPAA laws. Income levels, white hat hacking capabilities, monetary incentives to commit a crime, and the perceived probability of being apprehended were statistically significant predictors of the amount of money required to violate HIPAA laws.
KW - behavioral economics
KW - cybersecurity
KW - economics of crime
KW - hacking
UR - https://www.scopus.com/pages/publications/85199797929
M3 - Conference contribution
AN - SCOPUS:85199797929
T3 - Proceedings of the Annual Hawaii International Conference on System Sciences
SP - 3223
EP - 3232
BT - Proceedings of the 57th Annual Hawaii International Conference on System Sciences, HICSS 2024
A2 - Bui, Tung X.
PB - IEEE Computer Society
T2 - 57th Annual Hawaii International Conference on System Sciences, HICSS 2024
Y2 - 3 January 2024 through 6 January 2024
ER -