Background:An eHealth tool that coaches employees through the process of reflection has the potential to support employees with moderate levels of stress to increase their capacity for resilience. Most eHealth tools that include self-tracking summarize the collected data for the users. However, users need to gain a deeper understanding of the data and decide upon the next step to take through self-reflection.Objective:In this study, we aimed to examine the perceived effectiveness of the guidance offered by an automated e-Coach during employees’ self-reflection process in gaining insights into their situation and on their perceived stress and resilience capacities and the usefulness of the design elements of the e-Coach during this process.Methods:Of the 28 participants, 14 (50%) completed the 6-week BringBalance program that allowed participants to perform reflection via four phases: identification, strategy generation, experimentation, and evaluation. Data collection consisted of log data, ecological momentary assessment (EMA) questionnaires for reflection provided by the e-Coach, in-depth interviews, and a pre- and posttest survey (including the Brief Resilience Scale and the Perceived Stress Scale). The posttest survey also asked about the utility of the elements of the e-Coach for reflection. A mixed methods approach was followed.Results:Pre- and posttest scores on perceived stress and resilience were not much different among completers (no statistical test performed). The automated e-Coach did enable users to gain an understanding of factors that influenced their stress levels and capacity for resilience (identification phase) and to learn the principles of useful strategies to improve their capacity for resilience (strategy generation phase). Design elements of the e-Coach reduced the reflection process into smaller steps to re-evaluate situations and helped them to observe a trend (identification phase). However, users experienced difficulties integrating the chosen strategies into their daily life (experimentation phase). Moreover, the identified events related to stress and resilience were too specific through the guidance offered by the e-Coach (identification phase), and the events did not recur, which consequently left users unable to sufficiently practice (strategy generation phase), experiment (experimentation phase), and evaluate (evaluation phase) the techniques during meaningful events.Conclusions:Participants were able to perform self-reflection under the guidance of the automated e-Coach, which often led toward gaining new insights. To improve the reflection process, more guidance should be offered by the e-Coach that would aid employees to identify events that recur in daily life. Future research could study the effects of the suggested improvements on the quality of reflection via an automated e-Coach.
Previous quantitative studies applying Routine Activity Theory (RAT) to cybercrime victimization produced mixed results. Through semi-structured interviews with cybersecurity experts, the current study aims to qualitatively reevaluate the applicability of RAT to cyber-dependent crime, specifically data theft from organizations. An in-depth assessment of environmental factors appearing to affect data thieves’ actions resulted in concrete operationalizations of theoretical concepts. Importantly, we highlight the distinction between target selection and strategic choices made during the attack. Furthermore, RAT appeared to be as relevant, if not more, for explaining offender actions during an attack as for the initial convergence of offenders and digital targets.
Introduction: Few studies have examined the sales of stolen account credentials on darkweb markets. In this study, we tested how advertisement characteristics affect the popularity of illicit online advertisements offering account credentials. Unlike previous criminological research, we take a novel approach by assessing the applicability of knowledge on regular consumer behaviours instead of theories explaining offender behaviour.Methods: We scraped 1,565 unique advertisements offering credentials on a darkweb market. We used this panel data set to predict the simultaneous effects of the asking price, endorsement cues and title elements on advertisement popularity by estimating several hybrid panel data models.Results: Most of our findings disconfirm our hypotheses. Asking price did not affect advertisement popularity. Endorsement cues, including vendor reputation and cumulative sales and views, had mixed and negative relationships, respectively, with advertisement popularity.Discussion: Our results might suggest that account credentials are not simply regular products, but high-risk commodities that, paradoxically, become less attractive as they gain popularity. This study highlights the necessity of a deeper understanding of illicit online market dynamics to improve theories on illicit consumer behaviours and assist cybersecurity experts in disrupting criminal business models more effectively. We propose several avenues for future experimental research to gain further insights into these illicit processes.
This project researches risk perceptions about data, technology, and digital transformation in society and how to build trust between organisations and users to ensure sustainable data ecologies. The aim is to understand the user role in a tech-driven environment and her perception of the resulting relationships with organisations that offer data-driven services/products. The discourse on digital transformation is productive but does not truly address the user’s attitudes and awareness (Kitchin 2014). Companies are not aware enough of the potential accidents and resulting loss of trust that undermine data ecologies and, consequently, forfeit their beneficial potential. Facebook’s Cambridge Analytica-situation, for instance, led to 42% of US adults deleting their accounts and the company losing billions. Social, political, and economic interactions are increasingly digitalised, which comes with hands-on benefits but also challenges privacy, individual well-being and a fair society. User awareness of organisational practices is of heightened importance, as vulnerabilities for users equal vulnerabilities for data ecologies. Without transparency and a new “social contract” for a digital society, problems are inevitable. Recurring scandals about data leaks and biased algorithms are just two examples that illustrate the urgency of this research. Properly informing users about an organisation’s data policies makes a crucial difference (Accenture 2018) and for them to develop sustainable business models, organisations need to understand what users expect and how to communicate with them. This research project tackles this issue head-on. First, a deeper understanding of users’ risk perception is needed to formulate concrete policy recommendations aiming to educate and build trust. Second, insights about users’ perceptions will inform guidelines. Through empirical research on framing in the data discourse, user types, and trends in organisational practice, the project develops concrete advice - for users and practitioners alike - on building sustainable relationships in a resilient digital society.
