We believe people want to do the right thing.
We know they’re more likely to follow security controls when they have support, cyber security is helpful, and they understand the threat.
We don’t guess. We build using science.
Insights and best practice from psychology to change behaviour
Scientifically evaluated to know what works in changing behaviour and why
People-centric so people are both productive and secure at work
We’re committed to advancing the field of cyber security behavioural science. We’re one of the few organisations of our type with a dedicated behavioural science team focused solely on research and analysis.
The CybSafe Research & Behavioural Science Team, which is made up of experts in psychology, cyber security and cyber crime, has designed and delivered behaviour change for nearly a decade.
91%
of CybSafe users no longer exhibit high-risk phishing behaviour after a CybSafe behaviour intervention
81%
of CybSafe users are likely to encourage good cyber security behaviours with friends and family
World-renowned partners
We want to protect people online by building better technology and by contributing to academic knowledge and government policy. That’s why we work with leading academic research partners to develop and maintain our platform and to drive change outside of our organisation. Through collaboration, we can help address the wicked problem of cyber security and keep people, businesses and nations safe online.
Projects
The team collaborates with a number of academic institutions (UCL, University of Bath, University of Bristol, Cardiff University, University of Kent and Northumbria University). Here is a snapshot of a few recent research initiatives.
Phishtray
PHISHTRAY is a modifiable open source e-tray software for research and training applications related to social engineering for use in academia and industry. Funded by CPNI and developed by behavioural scientists from the University of Bath and University of Bristol in conjunction with CybSafe.
Cyber Security Quirks
Cyber Security Quirks is funded by the Home Office and part of the Research Institute in Sociotechnical Cyber Security. The project explores the role of personalisation in cyber security behaviour interventions by taking account of individual variability.
SPEC
Simulated Phishing and Employee Cyber security behaviour (SPEC) is led by CybSafe in conjunction with the University of Bath. Funded by the Centre for Research and Evidence on Security Threats the project explores the impact of simulated phishing emails on employee awareness and work-based outcomes such as productivity and trust. Read more about the project here.
GIFS
Gentle Interventions for Security led by Dr. Emily Collins at the University of Bath is developing and evaluating “gentle interventions” using ambient displays, across the home and workplace, to create healthy and habitual cyber security behaviours.
PETRAS
The PETRAS Internet of Things Research Hub is a consortium of nine leading UK universities which explore critical issues in privacy, ethics, trust, reliability, acceptability, and security related to Internet of Things technology. We currently support the Consumer Security Index project, exploring labelling schemes for consumer products and the Cyber Hygiene project, exploring behaviour change interventions for cyber security behaviour.
UNIVERSITY OF KENT
Led by Dr. Jason Nurse and starting in Summer 2020, we will be supporting a PhD programme exploring the cyber security issues faced by technology users in the home environment with a focus on behaviour change interventions for different home users (such as adults, teenagers) with emerging Internet of Things technology,
Dawes Centre for Future Crime
The Dawes Centre for Future Crime part of the Security and Crime Science department at UCL.identifies emerging crime threats that arise from greater internet connectedness and works towards delivering pre-emptive interventions for the benefit of society.
SPRITE+ hub
The SPRITE+ hub brings together people involved in research, practice, and policy relevant with a focus on digital contexts. We are are a project partner helping to identify the future challenges of security, privacy, identity & trust in the digital world.
CREST
CybSafe is an associate partner of the Centre for Research and Evidence on Security Threats a national hub delivering world-class, interdisciplinary portfolio of activity maximising the value of behavioural and social science research to understanding, mitigating and countering threats to national security.
Research Institute in Science of Cyber Security
The Research Institute in Science of Cyber Security is the UK’s first academic Research Institute to focus on understanding the overall security of organisations, including their constituent technology, people and processes. It is now in its second phase.
Safe as Houses: TIPS in Home Office Environments
Our goal is to provide key, novel insights into the new challenges and tensions in relation to workplace Trust, Identity, Privacy and Security (TIPS), and thereby provide the much-need foundation for approaches to address these issues.
Government and regulators
We are supporting the FCA on guidance regarding how firms should measure, address and report on cyber awareness and culture risk within their organisations.
The sociotechnical group of NCSC focuses on how technology interacts with people, process and technology. We are working with NCSC on people-centric security and their awareness and behaviour change guidance.
We are working with the Cyber Security and Data Protection Directorate on improving cyber resilience in UK organisations.
Download
our report now!
Enter your name and email address below to download our report.
Resources & Events
Research library
The world’s first globally accessible archive of research into the human aspect of cyber security and behavioural science as applied to cyber security awareness and online behavioural change.
IMPACT 2023
IMPACT 2023 is about facilitating discussion and collaboration between academia and industry. And it’s about the latest academic research on the human aspect of cyber security. World leading-academic experts will discuss the latest research implications for policy and practice.
PeepSec
Our 100% free online summit held during London tech week focused on the people, the culture and social aspects of cyber security. All talks are evergreen.
Sign up to learn more
[Education] Whitgift
The education sector is a gold mine of opportunity for cyber attackers. There’s lots of data on individuals that you can use for phishing purposes. Things like names, addresses, and phone numbers. Higher education institutions also contain valuable, cutting-edge research.
CybSafe helps educational institutions to protect their valuable student, staff and research data.
[Technology] Condeco
Delivering a global security awareness programme is, at best, complex and time-consuming. For Condeco, CybSafe has become an “essential tool” in the organisation, saving everyone time and measurably changing behaviour. Find out why.
[Financial Services] Hastings Group
Regulated companies commit to keeping their customers and their data safe. Learn how Hastings Direct use CybSafe to take that commitment to the next level.
[Financial Services] Credit Suisse
Struggling to get people engaged with security awareness activity? Credit Suisse use CybSafe to do just that – covering 86,000 colleagues in 150 offices. Learn how.
[Technology] Genius Sports
Technology companies like Genius Sports employ a varied group of people. See how CybSafe gives each of them the support they need to improve their security habits.
[Healthcare & Pharmaceutical] NHS Bolton
Time is a premium for healthcare workers, now more than ever. So security awareness often takes a back seat. Discover how NHS Bolton use CybSafe to make the most of that narrow window of opportunity.