Behavioural Cyber – Questionnaire
Behavioural Cyber – Questionnaire
Topic 1: Knowledge
Q1 What do you know about cyber security?
Q1-A What do you think it is?
Q1-B Who is involved?
Q1-C Is it important?
Q1-D Why is it important?
Topic 2: Attitudes
Q2 What is yr role at (bank name redacted)?
Q3 How does Cyber Security affect you?
Q4 How do you feel about Cyber Security?
Q4A Do you feel vulnerable to cyber security threats?
Q4B Do you feel fear about Cyber Security?
Topic 3: History
Q5 What’s your experience with Cyber Security historically?
Q5A What kind of stories have you heard?
Q6 Have you ever clicked on something dodgy? What happened?
Q7 Have you clicked on a phishing email? What happened?
Q7A How severe was it?
Q8 Did that make you change your behaviour?
Q9 How did that make you feel?
Q10 Did you tell anyone about it?
Q11 Has it happened again since?
Q12 What do you think is the worst thing that could happen as a result of a phishing attack on you?
Topic 4: Practices
Q13 How do you manage passwords?
Q14 Do you connect to free Wi-Fi?
Q15 What makes you suspicious of an email? Discuss.
Q16 How do you deal with emails you are suspicious of?
Q17 Is it getting hard to tell what is suspicious?
Q18 Where do you learn or hear about this stuff?
Q19 Who do you trust for advice or information on Cyber Security?
Q20 Do you follow their advice?
Q21 Do you think there is enough training/information provided at your work?
Q22 Would you like to learn more?
Q23 How would like this training/information to be provided? (prompt: video, podcasts, intranet pages, workshops, induction?)
Q24 Roughly how many emails would you receive in an average work day?
Topic 5: Contexts
Q25 Roughly how many emails would you send in an average work day?
Q26 How do you feel about your email practices (is it too much, stressful)?
Q27 In your email practice, do you tend to; Check/Notifications/Batch
Q28 How busy do you feel at work? Do you feel you have enough time in your day to devote to each task you need to do?
Q29 How stressed do you feel at work on an average day?
Q30 Are there any consequences at
Q31 Colleagues:
Q31A Do you talk about cyber-security issues?
Q31B Have you learnt things from them?
Q31C Do they seem to care about cyber security?
Q32 Bosses:
Q32A Do they talk about cyber-security issues?
Q32B Have you learnt things from them?
Q32C Do they seem to care about cyber security?
Topic 6: Identity
Q33 Do you see yourself as being good with computers?
Q34 Are you confident with your use of the internet?
Q35 Do you think you can recognise dodgy emails?
Q36 Do you teach or tell other people about Cyber security matters?
Q37 Whose responsibility is it to prevent Cyber Security attacks?
Q38 Is it important to you to be able to recognise dodgy emails?
Topic 7: Iterated – Round two interviews only
Q201 So does the way you scan yr inbox change according to how busy you are? And if so how?
Q202 So what is the difference between thinking about, or cyber security practices at home compared to at work?
Q203 So how much does your workload and the pace of your workplace vary over time?
Q204 So you work for a bank – does that bring with it any special responsibilities and roles?
Q205 Do you know who the cyber security team are the bank? Or how to find them or contact them?
Q206 Do you think the Cybersec team are good at what they do?
Q207 Do you get a lot of emails that aren’t really relevant to you? Or are trivial?
Contact Details
Address: 11 Silva St, Tamarama, Sydney, Australia
Phone: +61 2 (0) 404 214 889
Email: dan@guiheadz.comLatest Blog Post
A new chapter – a PhD in Cognitive Cybersecurity at UTS
Ok. New Year. New me. I’ve enrolled, and been accepted, to do a PhD at UTS. This is my third week and it is VERY …Read More »