Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
A Study On Social Engineering Attacks: Phishing Attack
Recently, with the development of digital technology and the spread of the social media network and made the communication of human beings between each other more easily, but with the put the personal information and private evidence and the participation of others...
Phishing Attacks: A Recent Comprehensive Study and a New Anatomy
With the significant growth of internet usage, people increasingly share their personal information online. As a result, an enormous amount of personal information and financial transactions become vulnerable to cybercriminals. Phishing is an example of a highly...
Prevalence of Sharing Access Credentials in Electronic Medical Records
Objectives Confidentiality of health information is an important aspect of the physician patient relationship. The use of digital medical records has made data much more accessible. To prevent data leakage, many countries have created regulations regarding medical...
Coping responses in phishing detection: an investigation of antecedents and consequences
This study investigates users’ coping responses in the process of phishing email detection. Three common responses are identified based on the coping literature: task-focused coping, emotion-focused coping (i.e., worry and self-criticism), and avoidance coping. The...
Hacking the human: the prevalence paradox in cybersecurity
Objective: This work assesses the efficacy of the “prevalence effect” as a form of cyberattack in human-automation teaming, using an email task. Background: Under the prevalence effect, rare signals are more difficult to detect, even when taking into account their...
User Context: An Explanatory Variable in Phishing Susceptibility
Extensive research has been performed to examine the effectiveness of phishing defenses, but much of this research was performed in laboratory settings. In contrast, this work presents 4.5 years of workplace-situated, embedded phishing email training exercise data,...
No Phishing beyond This Point
As phishing continues to evolve, what’s your organization doing to stay off the hook? If your organization uses email, you have a phishing problem. Based on FBI data, Trend Micro predicts global losses from business email compromise (BEC) attacks will surpass $9...
Is cybersecurity research missing a trick? Integrating insights from the psychology of habit into research and practice.
The idea that people should form positive security habits is gaining increasing attention amongst security practitioners. Habit is a well-studied concept in psychology, but the extent to which the richness of that literature has been fully utilised for security is...
Don’t click: towards an effective anti-phishing training. A comparative literature review
Email is of critical importance as a communication channel for both business and personal matters. Unfortunately, it is also often exploited for phishing attacks. To defend against such threats, many organizations have begun to provide anti-phishing training programs...
Measuring the security cult organizations: a systematic existing tools
There has been an increase in research into the security culture in organizations in recent years. This growing interest has been accompanied by the development of tools to measure the level of security culture in order to identify potential threats and formulate...
A methodology for quantifying the level of cybersecurity awareness
According to the yearly publication of Dutch National Cyber Security Center of the current cyber security situation of the country ( Cyber Security Beeld Nederland -CSBN- 2017) a cyber-attack originated in 91% of the investigated cases from some form of phishing. This...
Human Factors Knowledge Area
over the past 20 years, there has been a growing body of research into the underlying causes of security failures and the role of human factors. The insight that has emerged is that security measures are not adopted because humans are treated as components whose...
How much do you really know about cybercrime? (USA edition)
Cyber savvy challenge: Unlock your digital security skills
Developing cybersecurity culture to influence employee behavior: A practice perspective
This paper identifies and explains five key initiatives that three Australian organizations have implemented to improve their respective cyber security cultures. The five key initiatives are: identifying key cyber security behaviors, establishing a ’cyber security...
Human systems integration approach to cyber security
The NATO Science and Technology Organization (STO) Human Factors and Medicine (HFM) Panel 259 Research Task Group (RTG), titled Human Systems Integration Approach to Cyber Security, was established to promote cooperative human-centred research activities in a NATO...
2022 Cost of insider threats global report
The first Cost of Insider Threats: Global study was conducted in 2016 and focused exclusively on companies in North America. Since then, the research has expanded to include organizations in Europe, Middle East, Africa and Asia-Pacific with a global headcount of 500...
Blind Spot: Do You Know the Effectiveness of Your Information Security Awareness-Raising Program?
Information and IT security awareness-raising measures and the evaluation of these measures are an indispensable part of today’s information and knowledge society. While the number of firms that apply such measures is increasing, surveys of corporations show that it...
Contextual security awareness: A context-based approach for assessing the security awareness of users
Assessing the information security awareness (ISA) of users is crucial for protecting systems and organizations from social engineering attacks. Current methods do not consider the context of use when assessing users’ ISA, and therefore they cannot accurately reflect...
CybSafe 2023 winter release
Introducing: Workflows and 20+ features [lazy-video video_id="ZbSJ9vibAM0" background_image="https://cdn.www.cybsafe.com/wp-content/uploads/2023/12/CYBSAFE-introducing-workflows-thumbnail-231201MS-08.jpg"...
Cybersecurity automation should focus on human risk
Applying cybersecurity automation to human cyber riskAutomated, real-time, and personalized workflowsIntroducing WorkflowsCybersecurity automationA leap forward in human risk managementGetting startedTurning work into WorkflowsAs a security professional managing human...