Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
Is cybersecurity research missing a trick? Integrating insights from the psychology of habit into research and practice.
The idea that people should form positive security habits is gaining increasing attention amongst security practitioners. Habit is a well-studied concept in psychology, but the extent to which the richness of that literature has been fully utilised for security is...
Don’t click: towards an effective anti-phishing training. A comparative literature review
Email is of critical importance as a communication channel for both business and personal matters. Unfortunately, it is also often exploited for phishing attacks. To defend against such threats, many organizations have begun to provide anti-phishing training programs...
Measuring the security cult organizations: a systematic existing tools
There has been an increase in research into the security culture in organizations in recent years. This growing interest has been accompanied by the development of tools to measure the level of security culture in order to identify potential threats and formulate...
A methodology for quantifying the level of cybersecurity awareness
According to the yearly publication of Dutch National Cyber Security Center of the current cyber security situation of the country ( Cyber Security Beeld Nederland -CSBN- 2017) a cyber-attack originated in 91% of the investigated cases from some form of phishing. This...
Human Factors Knowledge Area
over the past 20 years, there has been a growing body of research into the underlying causes of security failures and the role of human factors. The insight that has emerged is that security measures are not adopted because humans are treated as components whose...
How much do you really know about cybercrime? (USA edition)
Cyber savvy challenge: Unlock your digital security skills
Developing cybersecurity culture to influence employee behavior: A practice perspective
This paper identifies and explains five key initiatives that three Australian organizations have implemented to improve their respective cyber security cultures. The five key initiatives are: identifying key cyber security behaviors, establishing a ’cyber security...
Human systems integration approach to cyber security
The NATO Science and Technology Organization (STO) Human Factors and Medicine (HFM) Panel 259 Research Task Group (RTG), titled Human Systems Integration Approach to Cyber Security, was established to promote cooperative human-centred research activities in a NATO...
2022 Cost of insider threats global report
The first Cost of Insider Threats: Global study was conducted in 2016 and focused exclusively on companies in North America. Since then, the research has expanded to include organizations in Europe, Middle East, Africa and Asia-Pacific with a global headcount of 500...
Blind Spot: Do You Know the Effectiveness of Your Information Security Awareness-Raising Program?
Information and IT security awareness-raising measures and the evaluation of these measures are an indispensable part of today’s information and knowledge society. While the number of firms that apply such measures is increasing, surveys of corporations show that it...
Contextual security awareness: A context-based approach for assessing the security awareness of users
Assessing the information security awareness (ISA) of users is crucial for protecting systems and organizations from social engineering attacks. Current methods do not consider the context of use when assessing users’ ISA, and therefore they cannot accurately reflect...
CybSafe 2023 winter release
Introducing: Workflows and 20+ features [lazy-video video_id="ZbSJ9vibAM0" background_image="https://www.cybsafe.com/wp-content/uploads/2023/12/CYBSAFE-introducing-workflows-thumbnail-231201MS-08.jpg"...
Cybersecurity automation should focus on human risk
Applying cybersecurity automation to human cyber riskAutomated, real-time, and personalized workflowsIntroducing WorkflowsCybersecurity automationA leap forward in human risk managementGetting startedTurning work into WorkflowsAs a security professional managing human...
Why am I failing to engage my workforce in cybersecurity training?
There is an immediate need to shift towards a cybersecurity awareness approach that truly understands the challenges of people today—where personalised, on-demand, and simple experiences aren’t just desired, but expected.
Online safety awareness and human factors: An application of the theory of human ecology
Efforts have been made on large and small scales to reduce cybersecurity threats around the world, including in Malaysia. However, scholars have argued that, in spite of the technological preparations countries can take to shield themselves from attack, human factors...
A zero-shot deep metric learning approach to Brain–Computer Interfaces for image retrieval
In this paper we propose a deep learning based approach for image retrieval using EEG. Our approach makes use of a multi-modal deep neural network based on metric learning, where the EEG signal from a user observing an image is mapped together with visual information...
From awareness to influence: toward a model for improving employees’ security behaviour
This paper argues that a conventional approach to cybersecurity awareness is not effective in influencing employees and creating sustainable behaviour change. The increase in security incidents caused by employees is evidence that providing information to raise...
About the Measuring of Information Security Awareness: A Systematic Literature Review
To make employees aware of their important role for information security, companies typically carry out security awareness campaigns. The success and effectiveness of those campaigns has to be measured to justify the budget for example. Therefore, we did a systematic...
Developing metrics to assess the effectiveness of cybersecurity awareness program
Cybersecurity awareness (CSA) is not just about knowing, but also transforming things learned into practice. It is a continuous process that needs to be adjusted in subsequent iterations to improve its usability as well as sustainability. This is possible only if a...
CybSafe research uncovers a distinct gap in workplace Cybersecurity prioritisation
Research finds 31 per cent of people are more likely to prioritise keeping on top of emails than cybersecurity training The fundamental shift in our content consumption habits calls for a new approach to cybersecurity training in the workplace Canary Wharf, London, XX...