Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
What (or who) is public? Privacy settings and social media content sharing
When social networking sites give users granular control over their privacy settings, the result is that some content across the site is public and some is not. How might this content—or characteristics of users who post publicly versus to a limited audience—be...
Internet of Things: Security and privacy issues and possible solution
This paper explores how commonly used communication methods and information retrieval, typically carried out over the Internet via a variety of smart devices, can inadvertently transform the Internet into a hazardous platform due to its inherent propensity to make...
Priming and warnings are not effective to prevent social engineering attacks
Humans tend to trust each other and to easily disclose personal information. This makes them vulnerable to social engineering attacks. The present study investigated the effectiveness of two interventions that aim to protect users against social engineering attacks,...
Cyber hygiene insight report
A report that investigates users' cyberhygiene and provides insights and implications.
A comprehensive framework for cultivating and assessing information security culture
This study proposes a new framework to help organisations nurture a culture of information security. The framework consists of factors known to affect security behaviour, such as: management; risk assessment; policies; education; and conduct, among others.
Persuading end users to act cautiously online: Initial findings of a fear appeals study on phishing
By offering users a strong message of fear, a weak message of fear and no message of fear, the authors of this paper concluded messages of fear combined with behavioural advice on how to mitigate threats can increase security behavioural intentions.
Cyber security culture in organisations
Drawn from multiple disciplines including organisational sciences, psychology, law and cyber security, this report aims to assist organisations looking to begin or enhance their own cyber security culture programme.
Quantifiable cyber risk reduction through changing end user behaviors: The last mile in IT security
Joint research between Wombat Security Technologies and the Aberdeen Group demonstrates investing in cyber security training quantifiably reduces security risk by around 60%.
Behavioural insights in public health England
The public health behavioural insights team offer a general introduction to behavioural economics, show how theories have been successfully applied to the public health sector and present a framework for designing behavioural change interventions.
Where dating meets data: Investigating social and institutional privacy concerns on Tinder
The widespread diffusion of location-based real-time dating or mobile dating apps, such as Tinder and Grindr, is changing dating practices. The affordances of these dating apps differ from those of “old school” dating sites, for example, by privileging picture-based...
Privacy attitudes and privacy behaviour: A review of current research on the privacy paradox phenomenon
Do people really care about their privacy? Surveys show that privacy is a primary concern for citizens in the digital age. On the other hand, individuals reveal personal information for relatively small rewards, often just for drawing the attention of peers in an...
Building cybersecurity awareness: The need for evidence-based framing strategies
Cybersecurity is a global phenomenon representing a complex socio-technical challenge for governments, but requiring the involvement of individuals. Although cybersecurity is one of the most important challenges faced by governments today, the visibility and public...
152 simple steps to stay safe online: Security advice for non-tech-savvy users
Users often don’t follow expert advice for staying secure online, but the reasons for users’ noncompliance are only partly understood. More than 200 security experts were asked for the top three pieces of advice they would give non-tech-savvy users. The results...
Gender difference and employees’ cybersecurity behaviors
Security breaches are prevalent in organizations and many of the breaches are attributed to human errors. As a result, the organizations need to increase their employees’ security awareness and their capabilities to engage in safe cybersecurity behaviors. Many...
Smart attacks against intelligent wearables in people-centric internet of things
The people-centric Internet of Things, as an essential part of the general IoT ecosystem, relies heavily on intelligent wearables to control and actuate the ambient/remote “things” according to the sensed information or collected instruction from the specific person....
The state of cybersecurity and digital trust 2016
This report, which is based on the results of a survey of over 200 enterprise security professionals, explores the state of cyber security throughout organisations. The report identifies five significant ‘cyber gaps’ that have the ability to hinder cyber security...
No, users are not irrational
Security professionals lament the fact that users do not seem to see the need to take precautions or to behave securely. This frustrates them, since they themselves consider security to be very important, and they have to deal with the fallout when systems are...
How I learned to be secure: A census-representative survey of security advice sources and behavior
Rarely do users have a single, reliable source for soliciting advice on digital security. More often, the acquisition of digital security skills is a sporadic process, as users sift through an excess of security advice. A deeper understanding of the factors that shape...
Building a culture of security
In this whitepaper, Adobe explain how they’ve become an established global leader in security culture, training and awareness. They offer insight into the programs and schemes they run in order to maintain a culture of security.
The new wave of privacy concerns in the wearable devices era
The pervasiveness of mobile devices such as smart phones, apps, remote monitoring devices, and wearable sensors is enabling growth of Patient Generated Health Data (PGHD) through which people are capturing their vital signs outside the clinical settings. Tracking...
More harm than good? How messages that interrupt can make us vulnerable
Paper highlighting how constant interrupting messages and updates from computers and phones can impair cognitive functioning due to an effect called dual-task interference (DTI). DTI suggests that 2 tasks can only be performed in unison if there is a loss in overall...