The persistently changing landscape of cyberspace and cybersecurity has led to a call for organizations’ increased attention toward securing information and systems. Rapid change in the cyber environment puts it on a scale unlike any other performance environment...
Research Library
The world’s first globally accessible archive of research into the human aspect of cyber security and behavioural science as applied to cyber security awareness and online behavioural change.
To see the latest studies from pioneering academics, scroll down.
Phishing attacks: Defending your organisation
This paper proposes a multi-layered approach to defending your organisation against phishing attacks, condensed into four layers. At each layer, the authors recommend tactical interventions to help organisations achieve this multi-layered security.
Individual cyber security: Empowering employees to resist spear phishing to prevent identity theft and ransomware attacks
One of the most difficult challenges in information security today is phishing. Phishing is a difficult problem to address because there are many permutations, messages, and value propositions that can be sent to targets. Spear phishing is also associated with social...
Creative engagement methods: Engagement process
Creative security engagements can take many forms and can be configured in different ways but they follow a similar pattern of actions: Frame, Identity, Process, Narrate. The process is not a linear, step-by-step process but an iterative one where the Facilitator of a...
Revitalizing privacy and trust in a data-driven world
This report summarises key findings from ‘The Global State of Information Security Survey 2018’, which surveyed 9,500 global C-suite executives and directors about their organisation’s security practises. The report identifies and expands on nine data privacy and...
What the Internet of Things means for consumer privacy
What the Internet of Things means for consumer privacy discusses the findings of an Economist Intelligence Unit (EIU) research programme, sponsored by ForgeRock, that explores the privacy concerns and priorities of global consumers stemming from the Internet of Things...
Creative engagement methods: Everyday security
Creative security engagement is an approach that helps participants to draw out the details of day-to-day security practices. As a result, such engagement methods are not only able to sketch out issues related to IT infrastructure and its use but also the everyday...
Creative engagement methods: An introduction
Sharing experiences about digital practices and about digital security in particular is an important means of learning and sharing security practices. These stories are also important because they bring out the difficulties and inconsistencies people face in...
Navigating the new cyber security threat landscape
This report is designed to educate and inform organisations on the cyber threat landscape. It explores what to consider when disaster strikes and explains the importance of people and partnerships. Read full paper ...
The “human factor” in cyber security reading: Exploring the accidental insider
A great deal of research has been devoted to the exploration and categorization of threats posed from malicious attacks from current employees who are disgruntled with the organisation, or are motivated by financial gain. These so-called “insider threats” pose a...