Cyber attacks are mostly caused by liabilities created due to the human error and social engineering. Therefore, it is of importance for organisations to find a way to manage security in an effective manner, by taking into account the interactions between the social...
Research Library
The world’s first globally accessible archive of research into the human aspect of cyber security and behavioural science as applied to cyber security awareness and online behavioural change.
To see the latest studies from pioneering academics, scroll down.
A novel SETA-based gamification framework to raise cyber security awareness
This paper aims to improve the employees’ cyber security awareness by developing an interactive video game, a cyber shield game, that includes various embedded threat scenarios. The proposed game consists of four levels. The password complexity level educates players...
Response to a phishing attack: persuasion and protection motivation in an organizational context
This study aims to examine the effect of cybersecurity threat and efficacy upon click-through, response to a phishing attack: persuasion and protection motivation in an organizational context. In a simulated field trial conducted in a financial institute, via PhishMe,...
Essential awareness of social engineering attacks for digital security
This study is an attempt to check the level of awareness of social engineering attacks among professionals who are working online. A survey of employees, who are working in Delhi NCR in different organizations and industries, was conducted. The results of the survey...
Pause for a cyber security cause: Assessing the influence of a waiting period on user habituation in mitigation of phishing attacks
This study designed, developed, and empirically tested a Pause and Think (PAT) mobile app that presented a user with a warning dialog and either a countdown or count-up timer whenever an email with a link was opened. The user was not able to interact with the email...
CatBERT: Context-aware tiny BERT for detecting targeted social engineering emails
Targeted phishing emails are a major cyber threat on the Internet today and are insufficiently addressed by current defences. In this paper, we leverage industrial-scale datasets from Sophos cloud email security service, which defends tens of millions of customer...
A survey study evaluating Internet users’ proneness to fall prey to social engineering attacks
This research evaluated the Internet users' proneness to fall prey to five most common types of social engineering attacks which are domain spoofing, email spoofing, search engine phishing, SMS phishing, and social media phishing. 350 volunteer participants...
Social research methods in cyber security: From criminology to industrial cyber security
The application of social research methods in cyber security requires a multidisciplinary combination since the security of technologies and communication networks is made up of a set of uses, techniques, and results directly conditioned by the parameters of...
Cyber security awareness and behaviour of youth in smartphone usage: A comparative study between university students in Hungary and Vietnam
This study focuses on comparing the level of cyber security awareness, knowledge and behaviour among university students in general and between Hungary and Vietnam in particular. Research data was collected, using a set of questionnaires and the 313 responses from...
Cognition, behavior and cyber security
Cybersecurity appears to be the ultimate paradox: while cybersecurity budgets are increased every year, and a vast array of new security products and services appear in the market, cyber attacks have been increasing in scale and scope every year. 2020 will perhaps be...