Do Trust Marks Make a Difference? with L. Jean Camp | CSI #35 скачать в хорошем качестве

Do Trust Marks Make a Difference? with L. Jean Camp | CSI #35

There are two primary efforts in the United States to create transparency: the Cyber Trust Mark (CTM) and the Software Bill of Materials (SBOM). The Cyber Trust Mark is intended to empower consumers and enable security by demand. But is there such a demand? To explore this, we recruited 599 participants to select four preferred items (a watch, a dishwasher, a camera, a light bulb) in a mock Amazon marketplace. Participants were told that they would be required to purchase the selected light bulb. Participants were divided into five experimental groups with different Trust Mark versions and a control group. After the product selections we surveyed them about their priorities and preferences. There were no significant differences between groups as a whole. Yet the subset of consumers who identified cybersecurity as important were significantly more likely to select labeled products across all groups, spending 16.5% more. We detail the differences and preferences, then propose to discuss the need for an awareness program concurrent with the rollout of the U.S. Cyber Trust Mark. L. Jean Camp is a Professor at the School of Informatics and Computing at Indiana University. She is a Fellow of the Institute of Electrical and Electronic Engineers. She is a Fellow of the American Association for the Advancement of Science. She joined Indiana after eight years at Harvard’s Kennedy School where her courses were also listed in Harvard Law, Harvard Business, and the Engineering Systems Division of MIT. She spent the year after earning her doctorate from Carnegie Mellon as a Senior Member of the Technical Staff at Sandia National Laboratories. She began her career as an engineer at Catawba Nuclear Station with a MSEE at University of North Carolina at Charlotte. Her research focuses on the intersection of human and technical trust, leveraging economic models and human-centered design to create safe, secure systems. Her early contributions in the interdisciplines of economics of security, user-centered security, risk communication, and online trust underlie her applied research in the domains of IoT, authentication, secure networking, ecrime, public policy, ethics in computer science, and a few works on applied cryptography. Full text and details on her publications can be found at their disciplinary homes, meaning that there is no complete overlap between ResearchGate, DBLP, SSRN, and Google Scholar. Works sorted by domain and discipline are also available at: http://www.ljean.com/publications.php