INFORMATION SECURITY CONSCIOUSNESS
What you need to know about the
psychology of online defence
Today’s talk
• Introduction
• About me
• Elements of cybersecurity practice
• The psychology of everyday strife
• Moving slowly with unstable infrastructure
• Information security consciousness
Today’s Talk
• The aim of this talk is to deep-dive into the
psychology of cybersecurity, in order to
give attendees a more profound insight
into their everyday security routines. If
you’d like to know how to re-wire your
mind to make cybersecurity more efficient
and easier to achieve, this is the talk
for you.
About me
Dr Ciarán Mc Mahon is a director of the
Institute of Cyber Security and an award-
winning academic psychologist from Ireland. A
former Government of Ireland Scholar, he has
published research on the history of
psychological language, the psychology of
social media, digital wellness and the social
impact of cybercrime. Ciarán has worked at a
number of third level institutions, most
recently at the CyberPsychology Research
Centre at the Royal College of Surgeons in
Ireland. Ciarán also has extensive media
experience and regularly contributes on topics
relating to the human aspects of information
technology to national and international
outlets including Sky News, BBC Radio London,
USA Today, Fortune Magazine, and The
Guardian.
ELEMENTS OF CYBER
SECURITY
General advice
1. Use strong and unique passwords.
2. Think before you click. Don't fall for scams!
3. Don't plug in unknown USB keys.
4. Use only trusted and secure connections, devices,
sites and services.
5. Don’t let anyone look over your shoulder when
online, and log out once finished.
6. Report suspicious activities/cybercrimes to the
authorities
7. Always run the latest version of your OS and
software. Run your anti-virus regularly and keep
it updated too.
WHY DO WE FIND CYBER
SECURITY HARD?
and how can we make it easier? and more efficient?
Passwords (Whitty, Doodson, Creese, & Hodges,
2015)
o Most likely to share
passwords:
o Younger people
o Low perseverance
o High self-monitoring
o Knowledge about
cybersecurity did not
distinguish between those
who did and did not share
passwords
Passwords (Pilar, Jaeger, Gomes, & Stein, 2012)
o Older adults no more memory
difficulties than younger
o Number of password uses was the
most influential factor on
memory performance
o limit for most people seems to
be 5 passwords
o recommend mnemonics and re-
using passwords by category of
use
Passwords (Das, Hong, & Schechter, 2016)
o Microsoft research
o Participants assigned six
random words
o (∼56 bits of entropy)
o Then trained to form them into
a story
o Less training, better
recall, than rote
learning
Phishing (Parsons et al., 2013)
o Participants who knew they
were in a phishing study
performed significantly
better
o Participants who had formal
training in information
systems performed more
poorly overall.
o 42% of all emails were
incorrectly classified
Phishing (Vishwanath, Herath, Chen, Wang, & Rao, 2011)
o Most phishing emails are
peripherally processed and
individuals make decisions
based on simple cues embedded
in the email (e.g. Urgent!!)
o People far more likely to
respond to phishing emails
when they have large email
loads...
Phishing research
• Must recognise that the signal/noise ratio
is prohibitive here
• Strategies
– if you come across a phishing email, share
screenshots with colleagues
– if targeted/spearphishing, inform your security
team asap
USB keys (Tischer et al., 2016)
o 16% scanned drive with anti-
virus software; 8% believed
their OS would protect them
o Majority connected a drive in
order to locate its owner (68%)
o Study authors believe altruism
comes first, then curiosity
o “I was wondering why a jpeg
picture had an html address”
USB keys (Hornstein, Fisch, & Holmes, 1968)
o Famous social psychology study
o People more likely to return
lost wallet when primed to feel
good about it
o but 12% of people primed to
feel bad about returning the
wallet still did so
o what’s the moral of the story?
Anti-virus & updating
• Lurking (Nonnecke, East,
& Preece, 2001)
• Pareto principle
– 90/9/1 rule
– 90 people watch
– 9 people talk
– 1 person creates
• Ergo, few expect to have
to do maintenance
Anti-virus & updating
• Telepresence (Lombard,
Ditton, & Media, 1997)
– IT is designed to be a
seamless, interactive,
unobtrusive experience
– no awareness of actual
engineering
• Ergo, surprise when
required
‘Everything is broken’
• Quinn Norton
‘It’s hard to explain to
regular people how much
technology barely works, how
much the infrastructure of
our lives is held together
by the IT equivalent of
baling wire.
Computers, and computing,
are broken.’
‘Another flaw in the human character is
that everybody wants to build and nobody
wants to do maintenance’ (Vonnegut)
What is the mind?
SHEN HSIU
The body is the Bodhi tree
The mind a bright mirror stand
Cleanse it with daily diligence
See to it that no dust adheres
HUI-NENG.
There is no Bodhi-tree,
Nor stand of a mirror bright.
Since all is void,
Where can the dust alight?
‘Mind as machine’
memory cache
hard-wired
processing power
bootstrap
‘Security as warfare’
attack/defence
firewall
weapons
threat model
‘Security as hygiene’
virus
infection
quarantine
code injection
‘hyper cyber securitization’
because it’s essentially invisible,
like the mind, security is often
overhyped
we need to transcend these
metaphors if we are to truly
incorporate cyber security into
our daily practices.
It has to be more meaningful
What is information security
consciousness?
information security consciousness
1. A refusal to sow fear and a pledge to
conserve attention
2. An awareness of human limits, and a
readiness to transcend them
3. An acknowledgement that ‘everything is
broken’ and a willingness to fix it
But above all
practice loyalty
thank you

More Related Content

Similar to Information security consciousness

Special Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on CybersecuritySpecial Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on CybersecurityMichael Rushanan
 
Itethic Reader V.1.1
Itethic Reader V.1.1Itethic Reader V.1.1
Itethic Reader V.1.1Paul Ward
 
Itethic Reader V.1.1
Itethic Reader V.1.1Itethic Reader V.1.1
Itethic Reader V.1.1Paul Ward
 
Itethic Reader V.1.1
Itethic Reader V.1.1Itethic Reader V.1.1
Itethic Reader V.1.1Paul Ward
 
How to network effectively: One mindset and five techniques
How to network effectively: One mindset and five techniquesHow to network effectively: One mindset and five techniques
How to network effectively: One mindset and five techniquesAndrew Botros
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchersvicenteDiaz_KL
 
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917Evan Francen
 
SXSW: Reboot Yourself: Get A Grip on Your Technology
SXSW: Reboot Yourself: Get A Grip on Your TechnologySXSW: Reboot Yourself: Get A Grip on Your Technology
SXSW: Reboot Yourself: Get A Grip on Your TechnologyBeth Kanter
 
1_Maverick Introduction To Digital Literacy.pdf
1_Maverick Introduction To Digital Literacy.pdf1_Maverick Introduction To Digital Literacy.pdf
1_Maverick Introduction To Digital Literacy.pdfPaul Woodhead
 
What did you say? interculture communication [HICSS 45 2012-01-04
What did you say? interculture communication [HICSS 45 2012-01-04What did you say? interculture communication [HICSS 45 2012-01-04
What did you say? interculture communication [HICSS 45 2012-01-04Frederick Zarndt
 
Co-Presented: YOU are the Alpha and Omega of a Secure Future (Kottova / Dray)...
Co-Presented: YOU are the Alpha and Omega of a Secure Future (Kottova / Dray)...Co-Presented: YOU are the Alpha and Omega of a Secure Future (Kottova / Dray)...
Co-Presented: YOU are the Alpha and Omega of a Secure Future (Kottova / Dray)...Kimberley Dray
 
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorBanning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorSandra (Sandy) Dunn
 
Is Your Website Trauma-Informed?
Is Your Website Trauma-Informed?Is Your Website Trauma-Informed?
Is Your Website Trauma-Informed?Melissa Eggleston
 
The Force Awakens - Technology as a Force for Change or a Pathway to the Dark...
The Force Awakens - Technology as a Force for Change or a Pathway to the Dark...The Force Awakens - Technology as a Force for Change or a Pathway to the Dark...
The Force Awakens - Technology as a Force for Change or a Pathway to the Dark...anne spencer
 
Talks submitted
Talks submittedTalks submitted
Talks submittedKim Minh
 
OPSEC for OMBUDSMEN
OPSEC for OMBUDSMENOPSEC for OMBUDSMEN
OPSEC for OMBUDSMENNaval OPSEC
 
Go Reboot Yourself: Get a Grip on Your Tech
Go Reboot Yourself: Get a Grip on Your TechGo Reboot Yourself: Get a Grip on Your Tech
Go Reboot Yourself: Get a Grip on Your TechAliza Sherman
 
So, you wanna be a pen tester ctsc2017
So, you wanna be a pen tester   ctsc2017So, you wanna be a pen tester   ctsc2017
So, you wanna be a pen tester ctsc2017Adrien de Beaupre
 
What I Want To Be After 10 Years Essay
What I Want To Be After 10 Years EssayWhat I Want To Be After 10 Years Essay
What I Want To Be After 10 Years EssayAmy White
 

Similar to Information security consciousness (20)

Special Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on CybersecuritySpecial Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on Cybersecurity
 
Itethic Reader V.1.1
Itethic Reader V.1.1Itethic Reader V.1.1
Itethic Reader V.1.1
 
Itethic Reader V.1.1
Itethic Reader V.1.1Itethic Reader V.1.1
Itethic Reader V.1.1
 
Itethic Reader V.1.1
Itethic Reader V.1.1Itethic Reader V.1.1
Itethic Reader V.1.1
 
Evolving it security Threats and Solutions
Evolving it security  Threats and SolutionsEvolving it security  Threats and Solutions
Evolving it security Threats and Solutions
 
How to network effectively: One mindset and five techniques
How to network effectively: One mindset and five techniquesHow to network effectively: One mindset and five techniques
How to network effectively: One mindset and five techniques
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchers
 
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917
 
SXSW: Reboot Yourself: Get A Grip on Your Technology
SXSW: Reboot Yourself: Get A Grip on Your TechnologySXSW: Reboot Yourself: Get A Grip on Your Technology
SXSW: Reboot Yourself: Get A Grip on Your Technology
 
1_Maverick Introduction To Digital Literacy.pdf
1_Maverick Introduction To Digital Literacy.pdf1_Maverick Introduction To Digital Literacy.pdf
1_Maverick Introduction To Digital Literacy.pdf
 
What did you say? interculture communication [HICSS 45 2012-01-04
What did you say? interculture communication [HICSS 45 2012-01-04What did you say? interculture communication [HICSS 45 2012-01-04
What did you say? interculture communication [HICSS 45 2012-01-04
 
Co-Presented: YOU are the Alpha and Omega of a Secure Future (Kottova / Dray)...
Co-Presented: YOU are the Alpha and Omega of a Secure Future (Kottova / Dray)...Co-Presented: YOU are the Alpha and Omega of a Secure Future (Kottova / Dray)...
Co-Presented: YOU are the Alpha and Omega of a Secure Future (Kottova / Dray)...
 
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorBanning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
 
Is Your Website Trauma-Informed?
Is Your Website Trauma-Informed?Is Your Website Trauma-Informed?
Is Your Website Trauma-Informed?
 
The Force Awakens - Technology as a Force for Change or a Pathway to the Dark...
The Force Awakens - Technology as a Force for Change or a Pathway to the Dark...The Force Awakens - Technology as a Force for Change or a Pathway to the Dark...
The Force Awakens - Technology as a Force for Change or a Pathway to the Dark...
 
Talks submitted
Talks submittedTalks submitted
Talks submitted
 
OPSEC for OMBUDSMEN
OPSEC for OMBUDSMENOPSEC for OMBUDSMEN
OPSEC for OMBUDSMEN
 
Go Reboot Yourself: Get a Grip on Your Tech
Go Reboot Yourself: Get a Grip on Your TechGo Reboot Yourself: Get a Grip on Your Tech
Go Reboot Yourself: Get a Grip on Your Tech
 
So, you wanna be a pen tester ctsc2017
So, you wanna be a pen tester   ctsc2017So, you wanna be a pen tester   ctsc2017
So, you wanna be a pen tester ctsc2017
 
What I Want To Be After 10 Years Essay
What I Want To Be After 10 Years EssayWhat I Want To Be After 10 Years Essay
What I Want To Be After 10 Years Essay
 

Recently uploaded

Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
 
The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024christinemoorman
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101  - Basics on Growth MarketingTech Startup Growth Hacking 101  - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingShawn Pang
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130  Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130  Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Roomdivyansh0kumar0
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...lizamodels9
 
Progress Report - Oracle Database Analyst Summit
Progress  Report - Oracle Database Analyst SummitProgress  Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitHolger Mueller
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
 
GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in managementchhavia330
 
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service PuneVIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service PuneCall girls in Ahmedabad High profile
 
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts ServiceVip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Serviceankitnayak356677
 
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service DewasVip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewasmakika9823
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...lizamodels9
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessAggregage
 

Recently uploaded (20)

Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101  - Basics on Growth MarketingTech Startup Growth Hacking 101  - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130  Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130  Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
 
Progress Report - Oracle Database Analyst Summit
Progress  Report - Oracle Database Analyst SummitProgress  Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in management
 
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service PuneVIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
 
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts ServiceVip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Service
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service DewasVip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for Success
 

Information security consciousness

  • 1. INFORMATIONSECURITY CONSCIOUSNESS What you need to know about the psychology of online defence
  • 2. Today’s talk • Introduction • About me • Elements of cybersecurity practice • The psychology of everyday strife • Moving slowly with unstable infrastructure • Information security consciousness
  • 3. Today’s Talk • The aim of this talk is to deepdive the psychology of cybersecurity, in order to give attendees a more profound insight into their everyday security routines. If you’d like to know how to re-wire your mind to make cybersecurity more efficient and easier to achieve, this is the talk for you.
  • 4. Today’s Talk • The aim of this talk is to deepdive the psychology of cybersecurity, in order to give attendees a more profound insight into their everyday security routines. If you’d like to know how to re-wire your mind to make cybersecurity more efficient and easier to achieve, this is the talk for you.
  • 5. Today’s Talk • The aim of this talk is to deepdive the psychology of cybersecurity, in order to give attendees a more profound insight into their everyday security routines. If you’d like to know how to re-wire your mind to make cybersecurity more efficient and easier to achieve, this is the talk for you.
  • 6. Today’s Talk • The aim of this talk is to deepdive the psychology of cybersecurity, in order to give attendees a more profound insight into their everyday security routines. If you’d like to know how to re-wire your mind to make cybersecurity more efficient and easier to achieve, this is the talk for you.
  • 7. About me Dr Ciarán Mc Mahon is a director of the Institute of Cyber Security and an award- winning academic psychologist from Ireland. A former Government of Ireland Scholar, he has published research on the history of psychological language, the psychology of social media, digital wellness and the social impact of cybercrime. Ciarán has worked at a number of third level institutions, most recently at the CyberPsychology Research Centre at the Royal College of Surgeons in Ireland. Ciarán also has extensive media experience and regularly contributes on topics relating to the human aspects of information technology to national and international outlets including Sky News, BBC Radio London, USA Today, Fortune Magazine, and The Guardian.
  • 9. General advice 1. Use strong and unique passwords. 2. Think before you click. Don't fall for scams! 3. Don't plug in unknown USB keys. 4. Use only trusted and secure connections, devices, sites and services. 5. Don’t let anyone look over your shoulder when online, and log out once finished. 6. Report suspicious activities/cybercrimes to the authorities 7. Always run the latest version of your OS and software. Run your anti-virus regularly and keep it updated too.
  • 10. General advice 1. Use strong and unique passwords. 2. Think before you click. Don't fall for scams! 3. Don't plug in unknown USB keys. 4. Use only trusted and secure connections, devices, sites and services. 5. Don’t let anyone look over your shoulder when online, and log out once finished. 6. Report suspicious activities/cybercrimes to the authorities 7. Always run the latest version of your OS and software. Run your anti-virus regularly and keep it updated too.
  • 11. WHY DO WE FIND CYBER SECURITY HARD?and how can we make it easier? and more efficient?
  • 12. Passwords (Whitty, Doodson, Creese, & Hodges, 2015) o Most likely to share passwords: o Younger people o Low perseverance o High self-monitoring o Knowledge about cybersecurity did not distinguish between those who did and did not share passwords
  • 13. Passwords (Pilar, Jaeger, Gomes, & Stein, 2012) o Older adults no more memory difficulties than younger o Number of password uses was the most influential factor on memory performance o limit for most people seems to be 5 passwords o recommend mnemonics and re- using passwords by category of use
  • 14.
  • 15. Passwords (Das, Hong, & Schechter, 2016) o Microsoft research o Participants assigned six random words o (∼56 bits of entropy) o The trained to form into a story o Less training, better recall, than rote learning
  • 16. Phishing (Parsons et al., 2013) o Participants who knew they were in a phishing study performed significantly better o Participants who had formal training in information systems performed more poorly overall. o 42% of all emails were incorrectly classified
  • 17. Phishing (Vishwanath, Herath, Chen, Wang, & Rao, 2011) o Most phishing emails are peripherally processed and individuals make decisions based on simple cues embedded in the email (e.g. Urgent!!) o People far more likely to respond to phishing emails when they have large email loads...
  • 18. Phishing research • Must recognise that the signal/noise ratio is prohibitive here • Strategies – if you come across a phishing email, share screenshots with colleagues – if targeted/spearphishing, inform your security team asap
  • 19. USB keys (Tischer et al., 2016) o 16% scanned drive with anti- virus software; 8% believed their OS would protect them o Majority connected a drive in order to locate its owner (68%) o Study authors believe altruism comes first, then curiosity o “I was wondering why a jpeg picture had an html address”
  • 20. USB keys (Hornstein, Fisch, & Holmes, 1968) o Famous social psychology study o People more likely to return lost wallet when primed to feel good about it o but 12% of people primed to feel bad about returning the wallet still did so o what’s the moral of the story?
  • 21. Anti-virus & updating • Lurking (Nonnecke, East, & Preece, 2001) • Pareto principle – 90/9/1 rule – 90 people watch – 9 people talk – 1 person creates • Ergo, few expect to have to do maintenance
  • 22. Anti-virus & updating • Telepresence (Lombard, Ditton, & Media, 1997) – IT is designed to be a seamless interactive, unobtrusive experience – no awareness of actual engineering • Ergo, surprise when required
  • 23. ‘Everything is broken’ • Quinn Norton ‘It’s hard to explain to regular people how much technology barely works, how much the infrastructure of our lives is held together by the IT equivalent of baling wire. Computers, and computing, are broken.’
  • 24. ‘Another flaw in the human character is that everybody wants to build and nobody wants to do maintenance’(Vonnegut)
  • 25.
  • 26. What is the mind? SHEN HSIU The body is the Bodhi tree The mind a bright mirror stand Cleanse it with daily diligence See to it that no dust adheres HUI-NENG. There is no Boddhi-tree, Nor stand of a mirror bright. Since all is void, Where can the dust alight?
  • 29. ‘Mind as machine’ memory cache hard-wired processing power bootstrap
  • 30.
  • 34. ‘Hyper cyber securitization’: because it’s essentially invisible, like the mind, security is often overhyped
  • 35. We need to transcend these metaphors if we are to truly incorporate cyber security into our daily practices. It has to be more meaningful.
  • 36. What is information security consciousness?
  • 37. information security consciousness 1. A refusal to sow fear and a pledge to conserve attention 2. An awareness of human limits, and a readiness to transcend them 3. An acknowledgement that ‘everything is broken’ and a willingness to fix it

Editor's Notes

  1. If Apple IDs are worth €20k, how much for Facebook IDs? http://uk.businessinsider.com/hackers-offering-apple-employees-in-ireland-euros-login-details-2016-2
  2. Image: Ciarán Mc Mahon
  3. See: National Cyber Security Alliance https://staysafeonline.org/stay-safe-online/resources/stc-tips-and-advice Also: Coventry, L., Briggs, P., Blythe, J., & Tran, M. (2014). Using behavioural insights to improve the public’s use of cyber security best practices. https://www.gov.uk/government/publications/cyber-security-using-behavioural-insights-to-keep-people-safe-online
  4. According to one of your colleagues, security engineers are taking several months longer to find than regular engineers. This is a skills gap that won't be solved any time soon. The cavalry is not coming any time soon, so you're going to have to hack security yourself. http://qz.com/681792/theres-a-hacker-shortage-so-facebooks-turning-to-middle-schools/
  5. Image: https://upload.wikimedia.org/wikipedia/commons/thumb/b/b2/Steal_password.jpg/1280px-Steal_password.jpg Whitty, M. T., Doodson, J., Creese, S., & Hodges, D. (2015). Individual differences in cyber security behaviors: An examination of who is sharing passwords. Cyberpsychology, Behavior, and Social Networking, 18, 3–7. http://doi.org/10.1089/cyber.2014.0179
  6. Pilar, D. R., Jaeger, A., Gomes, C. F. A., & Stein, L. M. (2012). Passwords usage and human memory limitations: a survey across age and educational background. PloS One, 7(12), e51067. http://doi.org/10.1371/journal.pone.0051067
  7. Image: https://xkcd.com/936/
  8. Das, S., Hong, J., & Schechter, S. (2016). Testing Computer-Aided Mnemonics and Feedback for Fast Memorization of High-Value Secrets. USEC (NDSS Workshop), (February). http://doi.org/10.14722/usec.2016.23010
  9. Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2013). Phishing for the truth: A scenario-based experiment of users’ behavioural response to emails. IFIP Advances in Information and Communication Technology, 405, 366–378. http://doi.org/10.1007/978-3-642-39218-4_27
  10. Vishwanath, A., Herath, T., Chen, R., Wang, J., & Rao, H. R. (2011). Why do people get phished? Testing individual differences in phishing vulnerability within an integrated, information processing model. Decision Support Systems, 51(3), 576–586. http://doi.org/10.1016/j.dss.2011.03.002
  11. Tischer, M., Durumeric, Z., Foster, S., Duan, S., Mori, A., Bursztein, E., & Bailey, M. (2016). Users really do plug in USB drives they find. IEEE Symposium on Security and Privacy, 1–14. http://doi.org/10.1109/SP.2016.26
  12. Image: https://en.wikipedia.org/wiki/Wallet#/media/File:WalletMpegMan.jpg Hornstein, H. A., Fisch, E., & Holmes, M. (1968). Influence of a model’s feeling about his behavior and his relevance as a comparison other on observers’ helping behavior. Journal of Personality and Social Psychology, 10(3), 222–226. http://doi.org/10.1037/h0026568
  13. Nonnecke, B., East, K. S., & Preece, J. (2001). Why lurkers lurk. In Americas Conference on Information Systems (pp. 1–10).
  14. Lombard, M., Ditton, T., & Media, M. (1997). At the heart of it all: The concept of presence. Journal of Computer-Mediated Communication, 3(2), 1–23.
  15. Source: https://medium.com/message/everything-is-broken-81e5f33a24e1#.sc7pf19g3 Image: https://picjumbo.imgix.net/HNCK2364.jpg
  16. Image: gratisography.com Quote: attributed
  17. Image: https://upload.wikimedia.org/wikipedia/commons/c/c3/Neuronal_activity_DARPA.jpg
  18. Source: various. See Jorgensen, J.J. (2005). Inventing Hui-neng, the Sixth Patriarch: Hagiography And Biography in Early Ch'an. Leiden: Brill
  19. Image: https://upload.wikimedia.org/wikipedia/commons/1/17/ArtificialFictionBrain.png
  20. Image: https://upload.wikimedia.org/wikipedia/commons/a/a8/Apple_and_Orange_-_they_do_not_compare.jpg
  21. Image: https://upload.wikimedia.org/wikipedia/commons/c/c4/INF3-136_War_Effort_We_beat_'em_before._We_will_beat_'em_again_(infantryman_and_machine_gunner_attacking)_Artist_Pat_Keely.jpg
  22. Image: https://upload.wikimedia.org/wikipedia/commons/1/1b/OCD_handwash.jpg