Presentation is loading. Please wait.

Presentation is loading. Please wait.

Human Factors in Cyber Security: A Review for Research & Education P. Vigneswara Ilavarasan, PhD 1.

Published byMartin Gilbert Modified over 8 years ago

Similar presentations

Presentation on theme: "Human Factors in Cyber Security: A Review for Research & Education P. Vigneswara Ilavarasan, PhD 1."— Presentation transcript:

1 Human Factors in Cyber Security: A Review for Research & Education P. Vigneswara Ilavarasan, PhD 1

2 Agenda The context Causes Basis Review of field – Selection – Analysis – Future directions 2

3 3

4 4

5 App & Airlines 5

6 6

7 Causes Accidental or non-deliberate causes Deliberate causes 7

8 Risk Perception Perception of risk ---> behavioural decisions. Influenced by – Availability Heuristic, Optimism Bias, Level of control, level of knowledge, Risk Compensation, Cumulative Risks, Influence of familiarity, Influence of framing, Personality & Cognitive style, Influence of social factors Insiders’ threat – Extension of OB studies 8

9 Mitigation – Inputs for training? – Enforce baseline security policies and procedures – Extend traditional policy and guidance – Conduct ongoing personnel checks – Implement focused risk assessments – Training for awareness & behavioural change 9

10 Basis? Evidence-based approach? – School of medicine – Public policy – Can be extended for curriculum design 10

11 Source of Attack EY (2015). 1800 Respondents, 60 countries, 25 sectors, June 2014. 11

12 Changing Behaviour Symantec (2015). Internet Security Threat Report 12

13 The Need “more robust evidence-based cyber security policy making is needed, an area which is generally not covered by cyber security strategies” (OECD, 2012) 13

14 Looking for evidence Search – keywords – Academic databases From 2010 Non-technical content Empirical papers 42 papers Inputs for training / Education? 14

15 The field Perceptual data studies – Mix of Quanti. & Quali. studies – Experts as respondents – Self reporting data / Survey Security Perception & behavior studies – Awareness – knowledge & consequences – Intention – Password – Creation & sharing behavior – Low – Cyber crime experiences (Mostly phishing emails!) Adequate insights for employees’ & users’ training – Taxonomy Taxonomy 15

16 Gaps Need for causal studies of users / victims – Not causally linked to loss Social factors as differentiators – Missing – Gender, Age, Education, Class Device Contexts – Mobile devices Differing information eco system – Impact of network externalities 16

17 Future directions Human factors in Cyber Security – Inputs for policy making Scope for filling the gaps Compete with technologists Computer scientists as advisors Challenging methodologies – Beyond survey 17

18 Q & A? 18

19 Thank you! 19

20 Taxonomy…… 20 Stanton et al. (2005)

Download ppt "Human Factors in Cyber Security: A Review for Research & Education P. Vigneswara Ilavarasan, PhD 1."

Similar presentations

Effective Supervision

Effective Supervision
3 High expectations for every child

3 High expectations for every child
What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.

What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.
Science of Science and Innovation Policy (SciSIP) Presentation to: SBE Advisory Committee By: Dr. Kaye Husbands Fealing National Science Foundation November.

Science of Science and Innovation Policy (SciSIP) Presentation to: SBE Advisory Committee By: Dr. Kaye Husbands Fealing National Science Foundation November.
CHANGING ROLES OF THE DIAGNOSTICIAN Consultants to being part of an Early Intervention Team.

CHANGING ROLES OF THE DIAGNOSTICIAN Consultants to being part of an Early Intervention Team.
“Building Effective Public Participation in Environmental Impact Assessment in a Transboundary Context” in Bulgaria Institute for Ecological Modernisation.

“Building Effective Public Participation in Environmental Impact Assessment in a Transboundary Context” in Bulgaria Institute for Ecological Modernisation.
IT Retreat 2009 IT Security Controls and Initiatives.

IT Retreat 2009 IT Security Controls and Initiatives.
Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.

Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.
2011 Overall Objectives Contributing toward limiting Violence against Women, and fostering the role of the NCHR in combating VAW focusing on domestic.

2011 Overall Objectives Contributing toward limiting Violence against Women, and fostering the role of the NCHR in combating VAW focusing on domestic.
Company LOGO B2C E-commerce Web Site Quality: an Empirical Examination (Cao, et al) Article overview presented by: Karen Bray Emilie Martin Trung (John)

Company LOGO B2C E-commerce Web Site Quality: an Empirical Examination (Cao, et al) Article overview presented by: Karen Bray Emilie Martin Trung (John)
The LEADS framework: An important resource for improving leadership culture and performance Presentation to CHIMA Conference October 16, 2014.

The LEADS framework: An important resource for improving leadership culture and performance Presentation to CHIMA Conference October 16, 2014.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.

Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
Identification and Analysis of Cyber Crime (Repository of Cyber Crime and Cyber Laws) Knowledge Based System (KBS) Presentation By : Dr. Priyanka Sharma.

Identification and Analysis of Cyber Crime (Repository of Cyber Crime and Cyber Laws) Knowledge Based System (KBS) Presentation By : Dr. Priyanka Sharma.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.

© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.
InformationWeek 2014 Strategic Security Survey Research Findings © 2014 Property of UBM Tech; All Rights Reserved.

InformationWeek 2014 Strategic Security Survey Research Findings © 2014 Property of UBM Tech; All Rights Reserved.
K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss

K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss
Team 2 Andrew Boyd Kaven Williams.  Privacy, Security and Compliance Issues  Current State of Research  Implications  Areas of Research Opportunity.

Team 2 Andrew Boyd Kaven Williams.  Privacy, Security and Compliance Issues  Current State of Research  Implications  Areas of Research Opportunity.
Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:

Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:

Similar presentations

Ads by Google