The “streetlight effect”—originally less flatteringly referred to as the “drunkard’s search”—is a form of observational bias. It recognizes our tendency to look for solutions to problems where it’s easiest to find them, such as under a streetlight. In this article, we...
Research Library
The world’s first globally accessible archive of research into the human aspect of cyber security and behavioural science as applied to cyber security awareness and online behavioural change.
To see the latest studies from pioneering academics, scroll down.
Tales of software updates: The process of updating software
Updates alter the way software functions by fixing bugs, changing features, and modifying the user interface. Sometimes changes are welcome, even anticipated, and sometimes they are unwanted leading to users avoiding potentially unwanted updates. If users delay or do...
How can you improve cyber security awareness in your organisation?
A short blog post on how the gamification of cyber security awareness campaigns can raise cyber security awareness and change organisational culture.
How to combat insider threat using behavioral science
Understanding human behaviour – and noticing an individual's deviation from an expected behaviour – can help prevent and mitigate insider threats.
The Internet of Things – An introduction to privacy issues with a focus on the retail and home environments
This research paper provides an overview of the Internet of Things technologies generally, and with special application in the retail and home context. It then goes on to examine some of the challenges that this new environment creates through the lens of specific...
Human Behaviour as an aspect of cyber security assurance
This paper considers existing research into cyber security assurance processes in an effort to identify elements of cyber security that would benefit from further research and development. It concludes the cyber security industry would benefit from more research into...
Why Johnny still, still can’t encrypt: Evaluating the usability of a modern PGP client
This paper presents the results of a laboratory study involving Mailvelope, a modern PGP client that integrates tightly with existing webmail providers. In our study, we brought in pairs of participants and had them attempt to use Mailvelope to communicate with each...
Nudging online security behaviour with warning messages
Researchers tested the effectiveness of 9 different ways of warning users about cyber security threats. Making users aware of the steps they could take to minimise risk was effective in triggering more secure behaviour. Gain-framed messages, loss-framed messages and a...
A study on social engineering attacks and defence mechanisms
Humans are the most vulnerable points in any kind of security system because of their predictable behaviour and other psychological aspects. Yet, a lot of emphasis related to security is given to implementation of technical security via an antivirus, Intrusion...
Evaluating behaviour changed in international development operations: A new framework
On behalf of the World Bank, this paper's authors develop a tool to evaluate behaviour change interventions in the development sector. The tool can be used to assess the prevalence and integration of behaviour change concepts into the life cycle of a behaviour change...