Security and Behaviour Change

Personas and Security

In cybersecurity, understanding individual user behaviors in detail can be challenging and impractical. Instead of focusing on each unique individual, designers and researchers use a technique called personas. Personas are archetypes or fictional characters that represent different types of users within a target audience. These personas help in designing security interventions and strategies that cater

Personas and Security Read More »

A short history of people-centred design and security

People-centred design in cybersecurity emphasizes the importance of considering users’ behaviors and needs when developing security technologies. Historically, the design of security systems focused more on technological advancements than on user interaction or behavior. It was only in the 1990s that both industry practice and academic research began to prioritize user-centered design, acknowledging that effective

A short history of people-centred design and security Read More »

Security compliance behaviour and overall security behaviour

Security Compliance Behavior and Overall Security Behavior Introduction to Security Compliance and Security Behavior In the field of information security and cybersecurity, the term “compliance” is commonly used to refer to the adherence to security policies and procedures within an organization. This concept is vital because it ensures that users follow established guidelines designed to

Security compliance behaviour and overall security behaviour Read More »

User-Centered Security: Understanding Human-Computer Interaction (HCI) in Security Behaviors

Reframing the Role of People in Security Traditionally, security professionals often viewed users as the weakest link in the security chain, referring to them as a “problem” to be managed. This perspective tends to focus on controlling or mitigating the risks posed by human error or non-compliance with security protocols. However, recent research and academic

User-Centered Security: Understanding Human-Computer Interaction (HCI) in Security Behaviors Read More »

Introduction to Security Interactions: Connecting Human-Computer Interaction (HCI) and Security Behaviors

Cybersecurity behaviors often involve significant human-computer interaction (HCI), which is critical in shaping how users engage with security technologies. Understanding the intersection between HCI and cybersecurity behaviors is essential for developing effective security practices. This field explores how user interactions with technology can either strengthen or weaken security measures, depending on the behaviors and decisions

Introduction to Security Interactions: Connecting Human-Computer Interaction (HCI) and Security Behaviors Read More »

Picking target audience and behaviours to change

In cybersecurity practice, selecting the right target audience and identifying the specific behaviors that need to be changed are crucial steps in designing effective interventions. This process involves several layers of consideration, from understanding the organizational context to applying behavioral theories and practical techniques. Let’s delve into this in more detail: Understanding the Purpose and

Picking target audience and behaviours to change Read More »

Tame and wicked security behaviour change problems

In the field of cybersecurity, particularly when dealing with behavior change, problems can be categorized as either “tame” or “wicked.” Understanding the distinction between these two types of problems is crucial when developing strategies to improve security behaviors within an organization. Tame Problems Tame problems are well-defined issues with clear solutions. They are typically easier

Tame and wicked security behaviour change problems Read More »

Examples of security behaviour change challenges in security management, software development, auditing and compliance and national policy

Security Behaviour Change Challenges Across Different Domains 1. Security Management: 2. Software Development: 3. Auditing and Compliance: 4. National Policy: Key Points from the Paper: Book Reference for Further Reading: By recognizing the complexity of non-compliance issues and applying strategies to address wicked problems, organizations can develop more effective security behavior change interventions and policies.

Examples of security behaviour change challenges in security management, software development, auditing and compliance and national policy Read More »