Dec 4, 2020 | Research
While training individuals on best practices in cybersecurity continues to be implemented, prior research has found that training people in the use of secure passwords has not proven to be effective. Developing profiles of individual who are likely to become victims...Oct 1, 2020 | Research
Previous studies have observed an intention-behavior gap that has been labeled the “privacy paradox”: people disclose personal information (behavior) despite expressing negative sharing intentions (in surveys). However, this phenomenon has not been studied in the...Sep 17, 2020 | Research
Cybersecurity controls are deployed to manage risks posed by malicious behaviours or systems. What is not often considered or articulated is how cybersecurity controls may impact legitimate users (often those whose use of a managed system needs to be protected, and...Sep 14, 2020 | Research
As organizations continue to invest in phishing awareness training programs, many chief information security officers (CISOs) are concerned when their training exercise click rates are high or variable, as they must justify training budgets to organization officials...Sep 1, 2020 | Research
Vulnerabilities to online cyber-related crime are typically the result of poor decisions on the part of users. To date, research on risk-taking behavior applied to cyber-security situations has concentrated mainly on the risks that stem from active behavioral choices...Aug 27, 2020 | Research
While technical controls can reduce vulnerabilities to cyber threats, no technology provides absolute protection and we hypothesised that people may act less securely if they place unwarranted trust in these automated systems. This paper describes the development of a...