Society For Risk Analysis Annual Meeting 2013

Session Schedule & Abstracts


* Disclaimer: All presentations represent the views of the authors, and not the organizations that support their research. Please apply the standard disclaimer that any opinions, findings, and conclusions or recommendations in abstracts, posters, and presentations at the meeting are those of the authors and do not necessarily reflect the views of any other organization or agency. Meeting attendees and authors should be aware that this disclaimer is intended to apply to all abstracts contained in this document. Authors who wish to emphasize this disclaimer should do so in their presentation or poster. In an effort to make the abstracts as concise as possible and easy for meeting participants to read, the abstracts have been formatted such that they exclude references to papers, affiliations, and/or funding sources. Authors who wish to provide attendees with this information should do so in their presentation or poster.

Common abbreviations

M4-H
Informing Policy with Risk Perception and Management

Room: Johnson A&B   3:30 PM - 5:10 PM

Chair(s): Heather Rosoff   rosoff@usc.edu

Sponsored by SDSG



M4-H.1  15:30  Structuring Public Private Partnerships to Encourage Near-Miss Reporting. Dillon-Merrill RL*, Tinsley CH; Georgetown University   rld9@georgetown.edu

Abstract: Despite decades of research on disasters, these events remain all too common-place. Scholars across a wide range of disciplines agree that one of the most viable approaches to reducing the occurrence of future disasters is to observe near-misses--situations where a bad outcome could have occurred except for the fortunate intervention of chance--and use these events to identify and eliminate problems in the system before they produce such a catastrophe. Unfortunately, because of a natural propensity for individuals to focus on outcomes, these warning signals can be ignored if the events are perceived as successes rather than near-misses (or near-failures). For many industries, the recognition of near-misses can be improved through the examination of data capturing anomalies across companies. First, since disasters and even near-misses are often rare events, data from multiple companies will increase the sample size, which always helps in scientific analysis. Second, near-misses can be difficult to interpret for companies in an unbiased way because of the "normalization of deviance" phenomenon, but data from multiple companies would allow comparisons to judge whether or not their events were normal relative to others in the industry. Yet significant obstacles exist in most industries to preclude such data pooling and sharing. For example, potential lawsuits can scare companies into guarding rather than sharing any "dirty laundry", even if these mishaps might help the collective. A public-private partnership should be the solution for this collective dilemma. In such a partnership, private companies would be properly protected and correctly incentivized to report the data to government agencies for aggregation. In this research, we examine two existing systems from aviation safety and medical patient safety and then make recommendations for developing a comparable system for cyber risk management.

M4-H.2  15:50  Public response to the terrorist attacks on Boston. Burns WJ*, Slovic P, Sellnow T, Rosoff H, John R; Decision Research (AUTHORS 1 AND 2) UNIVERSITY OF KENTUCKY (AUTHORS 3) (AUTHORS 4 and 5)   william_burns@sbcglobal.net

Abstract: On April 15 terrorists set off two bombs at the Boston Marathon killing 3 people and seriously injuring many others. Within days one terrorist was dead and the other apprehended. A nationwide online survey was conducted on April 16 to determine how the public was responding to this attack. A follow up survey was done with the same panel of respondents on April 30. Respondents were asked about their confidence in DHS to thwart and respond to terrorism, perceptions of terrorism risk, emotional reaction to the attack (e.g. anger, fear, sadness), their willingness to attend public events and the kind of information they sought in the first 24 hours after the attack. This analysis is currently ongoing and the results will be reported during the presentation. These findings inform risk management policy, particularly involving communication with the public during a crisis.

M4-H.3  16:10  Public perceptions and trade-offs related to randomized security schedules. John RS*, Scurich N; University of Southern California and University of California, Irivine   richardj@usc.edu

Abstract: Although there are theoretical advantages to randomized security strategies, and they have been adopted in several major areas, there has been no research evaluating the public’s perception of such measures. Perhaps the most challenging hurdle for randomized security strategies is the potential for perceived unfairness by the public. Randomization is clumpy, and random selections for search will often appear nonrandom to an individual who observes some relatively small number of searches while waiting in line. Individuals observing random searches may exhibit a confirmation bias that magnifies the perception of unfair search patterns in short sequences due to (1) biased observation seeking to confirm hypothesized inequities, and (2) biased interpretation and recollection of observed searches. In short, the perception of safety can be as important as the reality of safety. Likewise, the perception of fairness can weigh as heavily as the reality of fairness. If randomized security schedules are perceived as inefficacious and/or unfair, potential patrons might protest their use and pursue alternatives that actually increase the net societal risk. In the present experiment, over 200 respondents were asked to make choices between attending a venue that employed a traditional (i.e., search everyone) or a random (i.e., a probability of being searched) security schedule. The probability of detecting contraband was manipulated (i.e., 1/10; 1/4; 1/2) but equivalent between the two schedule types. In general, participants were indifferent to either security schedule, regardless of the probability of detection. The randomized schedule was deemed more convenient, but the traditional schedule was considered fairer and safer, suggesting a perceived trade-off between safety, fairness, and convenience. There were no differences between traditional and random search in terms of effectiveness or deterrence.

M4-H.4  16:30  To transaction online or to not transaction online: Dilemmas involving privacy, security and identify theft. Rosoff H*, John R, Cui T; University of Southern California, CREATE   rosoff@usc.edu

Abstract: As internet transactions continue to become more pervasive, the intersection between trust, privacy, convenience, and security also becomes more important. For instance, individuals regularly are drawn to the convenience of conducting financial transactions online, whether it is for e-commerce, online banking, or bill payments. However, does the lack of protection (e.g. limited identity authentication) or too much protection (e.g. too rigorous authentication) alter an individual’s preference for convenience? Similarly, when engaging in online transactions there is a certain amount of trust that the transaction occurs as intended. On one level this involves individuals trusting that purchased merchandise will arrive on time or that ATMs with distribute money and debit funds appropriately. This also pertains to trusting that the information exchanged is both secure and privacy is respected (e.g. information is not shared with third parties). The question remains, do individuals no longer trust systems and cease to engage in online transactions? We present the results of a study that evaluates the tradeoffs between trust, privacy, convenience, and security in varied online financial transactions. We also consider how the implementation of various cyber policies may or may not impact individual decision making relative to these tradeoffs.

M4-H.5  16:50  DHS’ Risk-Informed Quadrennial Homeland Security Review (QHSR) . Hawkins NL*, Elkins DA, Janca A, Simons J, Montezemolo M, Piper J, Lesely T, Cox P , Susel I , Brzymialkiewicz C; Department of Homeland Security    natasha.hawkins@dhs.gov

Abstract: The Department of Homeland Security is executing its Second Quadrennial Homeland Security Review in 2013, as required by law. As part of the initial Preparatory phase of the review, top risks and risk insights were identified to inform leadership discussion and guide QHSR studies and analysis. Risk analysis is also required in the Study and Analysis phase of the review, wherein the study teams must conduct risk characterizations to achieve a baseline understanding of the risks within the study mission space, and then analyze the costs and benefits of alternative strategic approaches. Study groups will follow the DHS Strategy Development and Analysis Process to arrive at conclusions. We will discuss some of the lessons learned, challenges, and innovative approaches developed to ensure the continued advancement of DHS’s analysis to inform strategic decisions.



[back to schedule]