Between Awareness and Action: Evaluating Cyber Hygiene's Measurement, Reliability, and Validity

• In Event: Cybercrime Response and Readiness: Law Enforcement and Prevention Perspectives

Abstract

Cyber hygiene encompasses routine cybersecurity practices—such as identifying phishing attempts, regularly updating software, and protecting digital assets—to guard against cyber threats. Although cyber hygiene is a common measure in cybercriminology and cybersecurity research, its psychometric properties have seen limited evaluations about its validity and reliability. In this paper, we utilize an opt-in survey from a U.S. sample that represents the adult population to examine cyber hygiene as a measurement using confirmatory factor analysis. We then analyze the interplay of cyber hygiene across three individual factors: self-control, technology skills and knowledge, and thoughtful reflective decision-making (TRDM). We discuss the implications of cyber hygiene as a construct.

Authors

• Courtney Lee Weber, University of South Florida

• George Burruss, University of South Florida

• Taylor Fisher, Michigan State University