Is a public health framework the cure for cyber security?
The public health community has developed robust systems for objectively identifying and studying health threats and coordinating interventions, whereas the cyber security community is still relatively immature in its use of an objective, systematic approach. In this paper, we present a detailed public health framework—including descriptions of public health threats encountered and interventions used—and develop parallels between public health and cyber security
threats and interventions. We propose that employing a public health framework to
understand individual risk preferences for cyber security can identify the types of
interventions and related implementation and communication strategies that will
more effectively improve cyber security.