Search Icon
2026 Program

Why Do Programmers Do What They Do? A Theory of Influences on Security Practices

Lavanya Sajwan, James Noble, Craig Anslow (Victoria University of Wellington), Robert Biddle (Carleton University)

Technologies are continually adapting to match ever-changing trends. As this occurs, new vulnerabilities are exploited by malicious attackers and can cause significant economic damage to companies. Programmers must continually expand their knowledge and skills to protect software. Programmers make mistakes, and this is why we must interpret how they implement and adopt security practices. This paper reports on a study to understand programmer adoption of security practices. We identified a theory of inter-related influences involving programmer culture, organizational factors, and industry trends. Understanding these decisions can help inform organizational culture and education to improve software security.

Paper

View More Papers

Demo #2: Sequential Attacks on Kalman Filter-Based Forward Collision...

Yuzhe Ma, Jon Sharp, Ruizhe Wang, Earlence Fernandes, and Jerry Zhu (University of Wisconsin–Madison)

Read More

From Paranoia to Compliance: The Bumpy Road of System...

Niklas Busch (CISPA Helmholtz Center for Information Security, Germany), Philip Klostermeyer (CISPA Helmholtz Center for Information Security, Germany), Jan H. Klemmer (CISPA Helmholtz Center for Information Security, Germany), Yasemin Acar (Paderborn University, Germany), Sascha Fahl (CISPA Helmholtz Center for Information Security, Germany)

Read More

From Scam to Safety: Participatory Design of Digital Privacy...

Sarah Tabassum (University of North Carolina at Charlotte, USA), Narges Zare (University of North Carolina at Charlotte, USA), Cori Faklaris(University of North Carolina at Charlotte, USA)

Read More