Usable Security is a field that aligns cybersecurity mechanisms with user-centered design principles, ensuring that secure systems are accessible, understandable, and efficient to use. While the term is recognized internationally, its diffusion in Brazil remains unclear. This study investigates the familiarity and understanding of Usable Security among Brazilian Information Technology (IT) students and professionals. Using a mixed-methods approach, we conducted an online survey with 86 participants and semi-structured interviews with seven of them. The results show that the concept is largely unfamiliar: 59.3% had never heard of it, and even those who claimed familiarity lacked actual understanding. We suggest that semantic familiarity with the words “usability” and “security” may have caused false recognition. Despite this, participants acknowledged tensions between usability and protection and emphasized the need to reconcile both in system design. Barriers included the lack of formal education, low interdisciplinary collaboration, and absence of clear development guidelines. This study maps the conceptual gap surrounding Usable Security in Brazil and highlights the need for curricular integration, practical guidance, and broader research efforts to strengthen its application.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

“Usable Security? Never Heard of It!” Exploring Familiarity with Usable Security Among IT Professionals and Students in Brazil

  • Ana Beleza,
  • Luan Oliveira

摘要

Usable Security is a field that aligns cybersecurity mechanisms with user-centered design principles, ensuring that secure systems are accessible, understandable, and efficient to use. While the term is recognized internationally, its diffusion in Brazil remains unclear. This study investigates the familiarity and understanding of Usable Security among Brazilian Information Technology (IT) students and professionals. Using a mixed-methods approach, we conducted an online survey with 86 participants and semi-structured interviews with seven of them. The results show that the concept is largely unfamiliar: 59.3% had never heard of it, and even those who claimed familiarity lacked actual understanding. We suggest that semantic familiarity with the words “usability” and “security” may have caused false recognition. Despite this, participants acknowledged tensions between usability and protection and emphasized the need to reconcile both in system design. Barriers included the lack of formal education, low interdisciplinary collaboration, and absence of clear development guidelines. This study maps the conceptual gap surrounding Usable Security in Brazil and highlights the need for curricular integration, practical guidance, and broader research efforts to strengthen its application.