Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
A new hope: Human-centric cyber security research embedded within organizations
The ‘human’ element of any digital system is as important to its enduring security posture. More research is needed to better understand human cybersecurity vulnerabilities within organizations. This will inform the development of methods (including those rooted in...
Whose risk is it anyway: How do risk perception and organisational commitment affect employee information security awareness?
Since information security (InfoSec) incidents often involve human error, businesses are investing greater resources into improving staff awareness and compliance with best-practice InfoSec behaviours. This research examined whether employees who feel that they may be...
Human cyber risk management by security awareness professionals: Carrots or sticks to drive behaviour change?
Cyber crime is rising at an unprecedented rate. Organisations are spending more than ever combating the human element through training and other interventions, such as simulated phishing. Organisations employ “carrots” (rewards) and “sticks” (sanctions) to reduce...
A Change Management perspective to implementing a cyber security culture
There has been an increasing prevalence of global cyber attacks. Because of the possible breaches in information security, it has become pertinent that organisations change organisational and individual cultures to become more secure. However, there are challenges...
Representing a human-centric cyberspace
There is a lack of consensus when using the term “cyberspace” [1]. Computers and network devices are prominent in definitions of cyberspace; less common is the essential and inclusion of human users. However, the human user is both implicitly integral to and actively...
Does the propensity to take risks influence human interactions with autonomous systems?
Technological development towards automation has been taking place for years and a wide range of autonomous systems (AS) have been introduced in homes and retailing spaces. Although these AS seem to be riskless, if they are exploited they can endanger private...
Habituation: A possible mitigation of a wicked problem
A construct for intentional habit formation is suggested as possible mitigation to the disparity between user capability and systems requirements. The importance of usable security is well represented in early discussions (Sasse 2001). Twenty years after M. S....
An analysis of phishing emails and how the human vulnerabilities are exploited
While there are a variety of sophisticated system attacks, phishing emails continues to be successful in gaining users attention and leading to disastrous security consequences. In designing strategies to protect users from fraudulent phishing emails, system designers...
Addressing human factors in the design of cyber hygiene self-assessment tools
As cybersecurity (CS) threats become more sophisticated and diversified, organisations are urged to constantly adopt and update measures for contrasting different types of attacks. Particularly, as novel techniques (e.g., social engineering and phishing) are aimed at...
Assessing and improving cyber security maturity for SMEs: Standardization aspects
SMEs constitute a very large part of the economy in every country and they play an important role in economic growth and social development. SMEs are frequent targets of cybersecurity attacks similar to large enterprises. However, unlike large enterprises, SMEs mostly...
Crisis leads to online training, new jobs search
ITEuropa
Human cognition through the lens of social engineering cyber attacks
Social engineering cyberattacks are a major threat because they often prelude sophisticated and devastating cyberattacks. Social engineering cyberattacks are a kind of psychological attack that exploits weaknesses in human cognitive functions. Adequate defense against...
Weakest link: Assessing factors that influence susceptibility to falling victim to phishing attacks and methods to mitigate
The research conducted for this project sought to understand the factors that impact the likelihood an individual will be victimized by a phishing attack. The research also sought to identify effective training approaches and technology available to supplement human...
Human factors affecting favourable cyber security culture- A case of small and medium-sized enterprises SMEs providing enterprise wide information systems solutions in Nairobi city county in Kenya
This study purposed to examine the key human factors that impact on favourable cybersecurity culture in Kenyan SMEs premised in Nairobi City County and that provides enterprise wide Information Systems(IS) solutions. Primary data was collected through mail survey...
[Technology] Genius Sports
Technology companies like Genius Sports employ a varied group of people. See how CybSafe gives each of them the support they need to improve their security habits.
Security awareness is dead. Long live borderless behavior analytics.
If we’re honest with ourselves, we’ve all known it for a long time. Posters. Compulsory e-learning. Seminars and desk-drops. They’re security awareness staples. And they’re now all, without question, ineffective. They’re designed to teach people about security. Just...
Between privacy and security: The factors that drive intentions to use cyber security applications
Installing security applications is a common way to protect against malicious apps, phishing emails, and other threats in mobile operating systems. While these applications can provide essential security protections, they also tend to access large amounts of people's...
Does isolation restrict remote worker security? – Part 1
Research shows how “social learning” impacts security skills – and it says a lot about securing remote workers. Remote working is here to stay. And there are benefits. But when it comes to security, remote working poses a problem. Remote workers know less about...
“CybSafe is just another level. It gives us really robust metrics that help us measure where our people are. It shows their behaviours as well as their attitudes.”
“CybSafe is just another level. It gives us really robust metrics that help us measure where our people are. It shows their behaviours as well as their attitudes.” Caroline Bansraj, Global Cyber Security Education & Awareness, Credit Suisse
Staff have been commenting that CybSafe content is “interesting”, “informative” and “thought-provoking” whilst being more “real” than other programmes they’ve engaged with.
Staff have been commenting that CybSafe content is "interesting", "informative" and "thought-provoking" whilst being more "real" than other programmes they’ve engaged with. Ingrid Rostron, Bursar at Redcliffe School
“CybSafe really brings home the challenges of maintaining good security behaviours at home and in the office, but it also makes it easy to turn those into ongoing habits. We’ve seen really high engagement in security for the first time.”
CybSafe really brings home the challenges of maintaining good security behaviours at home and in the office, but it also makes it easy to turn those into ongoing habits. We’ve seen really high engagement in security for the first time. Suthida Janthawong, Clinical...