Self-efficacy and Protecting Potential Victims
Oct 1, 2012 7:34am
Self-efficacy is the belief that we can achieve a certain goal. It’s an important topic in several areas of psychology, especially in health psychology, because of its role in addiction. Generally, the higher a person’s perceived self-efficacy regarding breaking an addiction (be it smoking, alcohol, drugs, or anything else), the more likely they are to be successful. Perceived self-efficacy has also been found to be a predictor of people’s likelihood of engaging in protective measures online. People with higher levels of perceived self-efficacy in their ability to protect themselves online are more likely to use anti-malware software. It would seem that those who lack confidence in their abilities are less likely to even try – they feel that they won’t be able to install or maintain the software, and so they don’t use it at all. Now of course, many of these individuals may seek help from friends or family who they perceive as being more capable than themselves, so it doesn’t necessarily mean that their systems are unprotected, but in general, they seem to be at higher risk.
So, the question is, if people are more likely to protect their systems if they believe they can do so effectively, should improving perceived self-efficacy be identified as a strategy for helping users to help themselves, while simultaneously reducing the likelihood that their computer becomes part of a botnet? Truthfully, there are many other factors that also influence safer online behaviour – everything from previous victimisation, to perception of costs, to belief that significant others in their lives are also engaging in protective behaviours. In all likelihood, targeting one strategy alone may not make a massive difference. But it might be a good starting point. So how can this be achieved?
Significant time and energy could be spent researching who exactly demonstrates lower perceived self-efficacy as it relates to protective behaviours online. This might allow companies providing these security products to target specific strategies at them. Given the range of other influences listed above this may not be the best route. A better approach would be to ensure that all users, regardless of how new or inexperienced they are, learn to protect their system appropriately. Part of this includes teaching them that system protection isn’t optional. A significant aspect of this process involves teaching users how to protect themselves in such a way that they will not feel intimidated by the process. Here, much of the research regarding online educational strategies and usability engineering can be applied. For example, it is essential that interfaces for protective technologies are made very easy to use, so as they are not daunting. Simultaneously, positive reinforcement strategies can be used to ensure that users receive positive feedback at each stage of the process, making them more confident in both their system security, and their ability to keep the system secure. Scaffolding learning is also essential – start with relatively easy to accomplish tasks, moving to progressively more difficult ones as required.
As mentioned, there are many other variables that affect users’ online safety behaviours, but improving their perceived self-efficacy regarding abilities to protect their system is an important first step.