Information Sheet

Why are we doing this research?

You are invited to take part in a cyber-security research study. This will involve completing a single short questionnaire, in which you write down all the words that come to mind when you think of the concept of ‘cyber-security’. We will also ask if you have ever had any experience of a cyber-security incident, and to tell us what happened.

The answers you provide will be completely anonymous, and only the research team will have access to them. Your name will not be in the questionnaire and you will be provided with a participant number, so you cannot be identified in anyway.

Please let us know if you would like a summary of the results.

If all of this sounds OK to you and you want to take part then that’s great. If you can’t take part or you don’t want to that is fine too.

Thank you for reading.

Emily Collins and Professor Adam Joinson

School of Management

University of Bath

Claverton Down

Bath

BA2 7AY

Defining Cyber-Security: Consent Form

To take part in the study, please read the statements below and then sign to indicate your consent to take part:

  • You have the right to choose not to answer any particular question or complete any part of the study without having to give a reason why.
  • You have the right to withdraw from the study at any point.
  • Any potentially identifying information, such as names or locations, will be removed from the stories of cyber-security incidents you provide.
  • All data collected in the study remains strictly confidential and anonymous, at all times.
  • Your data will be aggregated with the responses of other participants, and results presented at conferences and in journal articles. We may wish to share your anonymised data with academic partners and use it in future research projects.
  • The study has ethical approval from the University of Bath.

Please sign below to indicate you understand the statements above and give your consent to take part in the study:

SIGNATURE______

PRINT NAME______

DATE______

Questionnaire for Understanding Cyber-Security

Participant Details

Please complete the following personal details first. Be assured that all the information you provide remains strictly anonymous and confidential, and you cannot be identified by any of the details you provide. We need these details about you to make sure we are collecting data from a range of different people across the country.

Age:

Gender (please circle as appropriate):

MaleFemalePrefer not to say

Partial Postcode (first section plus letter – e.g. NE4 6):

Instructions

We are interested in the sort of things people have in mind when they hear and use words. For example, imagine you are explaining the idea of ‘love’ to someone. If you were asked to list the characteristics of the concept of ‘love’, you might write:

Caring

Trust

Affection

Friendship

Please turn to the next page to start

Task 1: Features of Cyber-Security

Today, though, we are interested in the characteristics and features that people think when they hear the word ‘cyber-security’.Imagine you are explaining the word cyber-security to someone who does not have any experience or understanding of the word. Write down all the words that come to mind when you think of cyber-security. Include things you think are obvious, and remember you can include both the positive and negative aspects of cyber-security. There are no right or wrong answers, just write whatever comes to mind. Don’t worry if you repeat some of the same words you wrote down earlier.

In the space below, write down as many characteristics and features of cyber-securityas you can think of:

Task 2: Features of Security

Now we are interested in the characteristics and features of‘security’. Imagine you are explaining the word security to someone who does not have any experience or understanding of the word. Write down all the words that come to mind when you think of security. Include things you think are obvious, and remember you can include both the positive and negative aspects of security. There are no right or wrong answers, just write whatever comes to mind.

In the space below, write down as many characteristics and features of security as you can think of:

Task 3: Experience of cyber-security incidents

Have you had any experience with a cyber-security incident, of any kind? What happened?

What steps do you take to protect yourself from a cyber-security incident?

Finally, how easy or difficult have you found the tasks in this study? (please circle as appropriate)

Very easy / Neither easy or difficult / Very difficult
1 / 2 / 3 / 4 / 5 / 6 / 7

Do you have any other comments about this research?