Security and Behaviour Change

Examples of usable security in everyday life

1. Biometric Authentication: Biometric authentication, such as fingerprint scanning, facial recognition, or iris scanning, has become commonplace in devices like smartphones and laptops. This method of authentication is an excellent example of usable security because it combines high security with ease of use. Unlike traditional passwords, which can be forgotten, stolen, or guessed, biometric data […]


Summary of usable security and its main developments since the turn of the century

Introduction: Since the turn of the century, usable security has evolved significantly as digital technologies have become deeply integrated into daily life. The growing complexity and ubiquity of these technologies have underscored the necessity for security systems that are not only


Outline of usable security

Introduction: In Week 4, we explored the relationship between human-computer interaction (HCI) and cybersecurity behaviors. We delved into how these interactions are often pivotal points for security behaviors, making them crucial areas for cybersecurity behavior change. A key concept introduced was user or people-centered design, which emphasizes the importance of designing security technologies that are


Strategies for working with shadow practices

Understanding Shadow Practices: Shadow practices refer to unauthorized actions or behaviors within an organization that bypass official security policies and procedures. Examples include the use of unauthorized software (shadow IT), storing sensitive data on personal devices (shadow data), and sharing credentials without approval (shadow access). These practices can increase the risk of data breaches, regulatory


Contrasting views on shadow practices

Understanding Shadow Practices: Shadow practices refer to behaviors or practices that deviate from officially sanctioned security protocols within an organization. These practices are often seen as non-compliant or risky because they do not align with the established security policies. However, there is a growing recognition among researchers and practitioners that these practices do not always


Introduction to shadow practices

Shadow Practices: In the realm of cybersecurity, shadow practices refer to security-related behaviors that occur outside the formal, authorized IT infrastructure of an organization. These practices often involve the use of unauthorized or unsanctioned technologies, commonly known as “shadow IT.” These shadow practices can include the use of personal devices, unauthorized


Case studies – applying different measurement and evaluation techniques

Scenario 1: Weak Passwords in a Corporate Setting. Problem: In many corporate settings, employees often use weak passwords, reuse them across multiple accounts, or fail to update them regularly. This behavior presents a significant security risk to the organization’s data and systems. Despite password policies and awareness campaigns, many employees continue to prioritize convenience over security.


Success metrics of behaviour change

Measuring the success of behavior change in cybersecurity involves a complex process that requires a detailed understanding of human-computer interaction and the factors that influence security behaviors. The key to evaluating the effectiveness of security initiatives lies in understanding the assumptions behind the security policies and assessing whether the intended behaviors are being adopted by


The compliance budget – managing security behaviour in organisations

Overview: In organizations, security compliance is a critical component of managing cybersecurity behaviors. Compliance is often used as a benchmark to assess how well security policies are being followed and to identify areas where behavior needs to be influenced. Understanding and managing compliance behavior effectively requires a people-centered approach, which takes into account the human


Introduction to Measuring and Evaluating Security Compliance

When studying cybersecurity behaviors, it’s essential to understand the human-computer interaction (HCI) involved. Many critical security tasks—like password management, user authentication, patch management, and data sharing—require users to interact with security technologies. Understanding these interactions is crucial for designing effective security measures and ensuring compliance. Focus of the Week: This week, the focus is on
