Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
Understanding the relationships between resilience, work stress and information security awareness
This study examined the relationship between Information Security Awareness (ISA), resilience and work stress, finding greater resilience to be associated with higher ISA and lower work stress.
Securing mobile devices: Evaluating the relationship between risk perception, organisational commitment and information security awareness
This study examined the relationship between perception of risk, organisational commitment, and Information Security Awareness (ISA), finding both organisational commitment and perception of personal risk to be significant predictors of ISA. Surprisingly, frequency of...
Deep thought: A cybersecurity story
ideas42 aims to help solve difficult social problems using insights from behavioural science. In this instance, the problem in question is the human aspect of cyber security. The paper applies psychology and behavioural science principles to common cyber security...
Embedding security behaviours: Using the 5Es
This framework is designed to help embed and sustain security behaviours in employees. The framework is condensed into 5Es (Educate, Enable, Environment, Encourage, Evaluate) and explains how to implement these using examples and tactical interventions.
UK University fails to learn – UEA, a data breach repeat offender
SC Magazine
Australia and Malaysia hit by major data breaches
Silicon Republic
Protect against human nature
Travel Trade Gazette
If you want my national insurance number, just ask!
Why we’re so comfortable handing out personal details online – and how we may be able to reverse the trend. On a mild July evening in 2010, Leo Hickman set out to meet a woman named Louise. At the time Louise, a 30-something recruitment consultant with straight, auburn...
How to launch a behavior-change revolution
A team spearheaded by University of Pennsylvania researchers has launched an ambitious research project called Behavior Change for Good. The project will attempt to determine the best behavioural-change practices in three areas: health, education and personal...
Measuring the success of context-aware security behaviour surveys
Background: We reflect on a methodology for developing scenario-based security behaviour surveys that evolved through deployment in two large partner organisations (A & B). In each organisation, scenarios are grounded in workplace tensions between security and...
Phish phinder: A game design approach to enhance user confidence in mitigating phishing attacks
This paper proposes and sets out the framework for the development of a game designed to help educate users about phishing attacks. The proposed game draws on academic research and would take the form of a series of challenges that inherently educate users about phishing...
British Intelligence Blames Iran for Cyberattack on UK Parliament
Iran news update
Sources say Deloitte cyberattack may have impacted US government
Silicon Republic
If someone is watching, I’ll do what I’m asked: Mandatoriness, control, and information security
This research finds people are motivated to follow security procedures when they believe the procedures to be compulsory, and that both specifying policies and evaluating behaviors help position security policies as mandatory. It follows that specifying policies and...
Nudges for privacy and security: Understanding and assisting users’ choices online
Advancements in information technology often task users with complex and consequential privacy and security decisions. A growing body of research has investigated individuals’ choices in the presence of privacy and information security tradeoffs, the decision-making...
Tackling the human aspect of cybersecurity: The psychology of a law firm
Tackling the Human Aspect of Cyber Security: Legal Psychology. For years, cyber attackers have relied on human psychology to manipulate victims and launch their most common, most disruptive attacks. Developed in collaboration with behavioural change psychologist...
Deloitte hit by major client email hack
AccountingWeb
Deloitte cyber-attack: Is your firm safe?
AccountancyAge
Rate of data compromise revealed: 121 records per sec; defenders lagging
SC Magazine
The supply chain conundrum: Why large businesses fear data breaches from SME suppliers
ITProPortal
Gains, losses and unconscious calculations
Our attitudes to loss make us vulnerable online. Here’s how we can nullify the risks – starting with a question. Which of these two generous offers would you rather take up? The first is £1000 in cash with no strings attached. The second is the chance to win £2000 –...