Evaluating organizational phishing awareness training on an enterprise scale
Employees are often the victims of phishing attacks, posing a threat to both themselves and
their organizations. In response, organizations are dedicating resources, time, and …
their organizations. In response, organizations are dedicating resources, time, and …
Hackers vs. testers: A comparison of software vulnerability discovery processes
Identifying security vulnerabilities in software is a critical task that requires significant human
effort. Currently, vulnerability discovery is often the responsibility of software testers before …
effort. Currently, vulnerability discovery is often the responsibility of software testers before …
Human factor security: evaluating the cybersecurity capacity of the industrial workforce
Purpose As cyber-attacks continue to grow, organisations adopting the internet-of-things
(IoT) have continued to react to security concerns that threaten their businesses within the …
(IoT) have continued to react to security concerns that threaten their businesses within the …
{“Employees} Who {Don't} Accept the Time Security Takes Are Not Aware {Enough”}: The {CISO} View of {Human-Centred} Security
In larger organisations, the security controls and policies that protect employees are typically
managed by a Chief Information Security Officer (CISO). In research, industry, and policy …
managed by a Chief Information Security Officer (CISO). In research, industry, and policy …
[PDF][PDF] The cyber security body of knowledge
D Basin - University of Bristol, ch. Formal Methods for, 2021 - cybok.org
The CyBOK project would like to understand how the CyBOK is being used and its uptake.
The project would like organisations using, or intending to use, CyBOK for the purposes of …
The project would like organisations using, or intending to use, CyBOK for the purposes of …
Human-centered authentication guidelines
JD Still, A Cain, D Schuster - Information & Computer Security, 2017 - emerald.com
Purpose Despite the widespread use of authentication schemes and the rapid emergence of
novel authentication schemes, a general set of domain-specific guidelines has not yet been …
novel authentication schemes, a general set of domain-specific guidelines has not yet been …
Checking, nudging or scoring? Evaluating e-mail user security tools
SY Zheng, I Becker - Nineteenth Symposium on Usable Privacy and …, 2023 - usenix.org
Phishing e-mail threats are increasing in sophistication. Technical measures alone do not
fully prevent users from falling for them and common e-mail interfaces provide little support …
fully prevent users from falling for them and common e-mail interfaces provide little support …
Costly but effective: Comparing the factors that influence employee anti-malware behaviours
JM Blythe, L Coventry - Computers in Human Behavior, 2018 - Elsevier
A cross sectional survey examined an extended version of Protection Motivation Theory
(PMT) to identify factors that influence employees' intentions to perform three anti-malware …
(PMT) to identify factors that influence employees' intentions to perform three anti-malware …
Digital accumulation behaviours and information management in the workplace: exploring the tensions between digital data hoarding, organisational culture and …
Individuals within organisations necessarily hold data including personal identifiable data,
for individuals with a tendency to accumulate digital data and a reluctance to delete it, there …
for individuals with a tendency to accumulate digital data and a reluctance to delete it, there …
From awareness to influence: toward a model for improving employees' security behaviour
M Alshaikh, B Adamson - Personal and Ubiquitous Computing, 2021 - Springer
This paper argues that a conventional approach to cybersecurity awareness is not effective
in influencing employees and creating sustainable behaviour change. The increase in …
in influencing employees and creating sustainable behaviour change. The increase in …