04-27, 09:30–13:30 (Europe/London), Roath Room
Although technical measures have played a vital role in enhancing cybersecurity, the changing landscape has shifted towards exploiting human vulnerabilities. Most recorded attacks now target behavioural vulnerabilities, highlighting the need to comprehend and encourage positive security behaviours. However, securing human behaviour poses a significant challenge, with individual motivations, environmental influences, and cognitive biases amongst a myriad of factors contributing to the complexity of the challenge. This village seeks to shed light on the complexity of the human challenge in cybersecurity. First, through a series of talks featuring academic and industry experts, we aim to showcase the diverse range of influences on human behaviour. From psychological biases to organisational culture and geopolitics, our speakers will explore the multifaceted nature of human factors and their implications for increasing positive security behaviours. In addition to the talks, attendees can participate in various human factors related interactive sessions, including a novel board game that simulates the development of a digital healthcare start-up, challenging players to make strategic product and cybersecurity decisions as board members. Finally, our village will facilitate an expert panel discussion on pressing questions surrounding human factors, including “How do we know interventions are working?” and ”What even are human factors?!”.
Our lineup of speakers brings together experts from various disciplines, offering insights into psychological processes, economic investment, political landscapes, and industrial perspectives, all relating to cybersecurity. From the importance of habit in positive security behaviours to the economics of security investments, each talk promises a nuanced exploration of the human element in cybersecurity.
To complement the talks, multiple activities await attendees, including "Technology, Threats, and Tradeoffs", an innovative research board game designed to immerse players in the dynamic environment of digital healthcare startup development. With a focus on cybersecurity and business investments, this game challenges players to navigate the complexities of strategic decision-making, as well as provides additional interactive sessions aimed at unravelling the essence of human factors.
Concluding the session, a panel of experts will tackle the fundamental questions surrounding human factors in cybersecurity, inviting discourse on the challenges, vulnerabilities, and future directions for human factors. Join us as we navigate the socio-technical terrain, striving to answer the critical question: What even are the human factors of cybersecurity?!
Talks
0930 - Start of HF village (Roath room) - opening remarks
0940 - Tobi Weickert (University of Bath) - Secure by Habit: Exploring the Role of Routine in Cybersecurity.
0955 - Mordecai Otter (Cardiff University) - Why human factors matter when designing digital defences.
1010 - George Raywood-Burke (Cardiff University) - Applying Theory to Practice: How Decision Making can be influenced in Cyber-Security.
1025 - Chris Locke (Admiral) - Agile Security Delivery
1040 - Elizabeth Kolade (University of Bristol) - Why is Cybersecurity a geopolitical issue?
1055 - Rob - Cross cultural differences in the perceived trustworthiness of online information.
Activities
1110 - Oishee Kundu, Tobi Weickert - Threats and trade-offs board game
Victoria Marcinkiewicz - OSINT challenge
Rob Peace/Chris Locke - Disinformation challenge
General HF discussion - everyone/anyone
Panel - Exploring the socio-technical challenge: What even are human factors?! and why should I care?
1230 - Prof Phil Morgan (Cardiff University)
Dr Oishee Kundu (University of Bath)
Stephen Donovan (Admiral)
Victoria Marcinkiewicz (Cardiff University)
End of track - 1330
Victoria is a 3rd year PhD student based in the School of Psychology and is part of the Doctoral Training Program (DTP) in Cyber Security Analytics.
Victoria studied Criminology as an undergraduate at the University of Lincoln and went on to complete her Masters in Criminology and Social Research – Cyber Crime and Cyber Security at the University of Surrey.
Victoria’s research focusses on how self-driving cars would be blamed and trusted (or not) in the event of a cyber attack using methods from both applied and experimental psychology. Victoria is also examining how the initial loss of trust in such technology could be countered by human-computer interactions with the human-machine interface and wider vehicle design.
Around her studies, Victoria has worked as a Research Assistant; spoken at international conferences, workshops and symposiums and is also an established Cyber Security and Information Assurance Consultant.
Rob is a psychologist at the University of Bath and part of the centre for doctoral training in Trust, Identity, Privacy, and Security (at scale). He has a general interest in the human factors of cybersecurity and digital behaviour. His specific research focuses on how individuals' trust in digital information is exploited (from OSS attacks, to phishing, to disinformation) when making decisions over the trustworthiness of information that they are unable to verify.
Oishee is a researcher in science technology and innovation (STI) policy, with a focus on the role of government demand in technology development.
