A study by researchers at Carnegie Mellon University (CMU) found that the time-cost of software updates, as well as individuals' risk preferences, have significant impacts on whether a user actually applies a software update, and how long it takes them to do so.
Said CMU's Cleotilde Gonzalez, "Understanding what drives people to delay a software update—an important protective action because they fix bugs that attackers can exploit—would be a step toward preventing such cyberattacks."
For the study, the researchers ran a simulation that involved rewarding participants for applying the security update; they also lost some points if a security failure occurred as a result of delays in updates.
The researchers suggest companies should come up with ways to incentivize users to apply security updates as soon as they are available, or at least to reduce the time and effort costs of doing so.
From Carnegie Mellon University CyLab Security and Privacy Institute
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found