Survey Information Collection
Explain who will be surveyed and why the group is appropriate to survey.
The Information Access Division (IAD) of the Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) is leading this information collection.
Human-centered security research considers the human, social, and organizational factors – and the interactions between them – related to security processes, technologies, products, policies, etc. The purpose of this survey is to screen prospective participants for their eligibility to participate in an interview study (submitted as a separate collection: Cybersecurity Definitions: Interviews) to investigate how individuals without a formal background in information technology or cybersecurity (non-experts) understand typical cybersecurity definitions and potential areas of confusion. Therefore, it is necessary and appropriate to survey people who do not have expertise in information technology or cybersecurity to learn about which cybersecurity definitions they most prefer.
NIST will survey 40 individuals using this screening survey. A copy of the recruitment text to be used has been uploaded into ROCIS for review. The interview protocol will be uploaded as a separate collection for review.
2. Explain how the survey was developed including consultation with interested
parties, pretesting, and responses to suggestions for improvement.
The screening survey questions were developed based on the eligibility criteria for participation in the interview study. Therefore, the questions include basic demographic questions and other questions meant to ensure that prospective participants have the technology needed to participate in the virtual interview sessions.
The survey questions were reviewed by the following two experts to ensure the language and questions were appropriately tailored for the study population: 1) a cybersecurity practitioner with prior experience and knowledge about cybersecurity definition analysis and writing technical documents for non-experts and 2) a researcher with 15+ years of experience conducting surveys and interviews. Feedback from the reviewers was incorporated in the final survey instrument.
3. Explain how the survey will be conducted, how customers will be sampled if
fewer than all customers will be surveyed, expected response rate, and actions
your agency plans to take to improve the response rate.
NIST will conduct an anonymous survey online using the Qualtrics survey platform.
For recruitment, NIST’s partner, Mediabarn (on contract with NIST) will send targeted survey invitations via email to members of Mediabarn’s proprietary national database. To take the initial screening survey criteria, participants must be 18 years or older and not have prior education or professional experience in an information technology or cybersecurity field. If eligible and choosing to participate, they will select the survey link to begin the survey.
The survey includes 11 questions, including basic demographic information and questions related to technology requirements for participating in the subsequent virtual interview. There are also questions about prospective participants’ name and contact information so that Mediabarn can schedule them for an interview. Screenshots are being uploaded for review. The survey will take approximately 3 minutes to complete. We expect that 40 subjects will complete the screening survey. The survey will be closed once 30 respondents have met all eligibility criteria for the subsequent interview.
Total burden hours: 40 respondents x 3 minutes per response = 2.0 burden hours.
The survey has been reviewed by the NIST Research Protections Office. NIST and Mediabarn will initially have access to participant names and contact information for the purposes of scheduling interviews. Once interviews have been scheduled and completed, all records of these names and contact information will be destroyed. Subsequently, the demographic information collected in the screening survey will be stored with an anonymous identifier (e.g., P10) that will not be linked back to the participant.
4. Describe how the results of the survey will be analyzed and used to generalize
the results to the entire customer population.
The screening survey will be used to determine eligibility for the interview study. Participants should be current U.S. residents aged 18 years or older who are comfortable taking a survey in English, have never formally studied or worked in an information technology (IT) or cybersecurity field, and are willing to have the interview recorded (audio and video). In addition, all participants must:
Be able to attend the interview from a computer/laptop (no tablets, smartphones)
Have a working camera and microphone on their computer/laptop
Have a high-speed Internet connection capable of supporting a virtual meeting
Demographic information of screening survey respondents who ultimately participate in the interviews will be reported in aggregate (summary statistics). No other data analysis will be conducted on the screening survey data. Data from participants not eligible to participate in the interviews will be destroyed.
| File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| File Title | PAPERWORK REDUCTION ACT |
| Author | pboyd |
| File Modified | 0000-00-00 |
| File Created | 2024-07-20 |