NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

"A five-year-old could understand it" versus "This is way too confusing": Exploring Non-expert Understandings and Perceptions of Cybersecurity Definitions

Published

Author(s)

Lorenzo Neil, Charlotte Healy, Julie Haney

Abstract

Experts struggle with explaining cybersecurity in a language and tone appropriate for non-expert audiences. This communication gap may make it difficult for a broad and diverse audience to fully engage in cybersecurity. Fundamental forms of communication, such as definitions, can be for a means for experts to communicate cybersecurity concepts to non-experts. To explore how non-experts perceive cybersecurity definitions and identify potential areas of misunderstanding and misconception,} we performed a semi-structured interview study with 30 non-experts of different generations (ages) and education levels. Our findings reveal that non-experts may have incomplete mental models of cybersecurity, misinterpret terms and concepts commonly used in definitions, and express strong preferences for how cybersecurity is defined. While our study focuses on definitions, our results have broader implications for how cybersecurity should be communicated to a diverse range of individuals.
Proceedings Title
Proceedings of the Association of Computing Machinery CHI conference on Human Factors in Computing Systems
Conference Dates
April 27-May 2, 2025
Conference Location
Yokohama, JP
Conference Title
Association for Computing Machinery CHI 2025
Pub Type
Conferences

Download Paper

https://doi.org/10.1145/3706598.3713820
Local Download

Keywords

cybersecurity, definitions, terminology
Usability and human factors and Cybersecurity and privacy

Citation

Neil, L. , Healy, C. and Haney, J. (2025), "A five-year-old could understand it" versus "This is way too confusing": Exploring Non-expert Understandings and Perceptions of Cybersecurity Definitions, Proceedings of the Association of Computing Machinery CHI conference on Human Factors in Computing Systems, Yokohama, JP, [online], https://doi.org/10.1145/3706598.3713820, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=958789 (Accessed October 9, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created April 28, 2025
Was this page helpful?