SlideShare a Scribd company logo

Reframing Organizational Cybersecurity to Design for “Cyber Health”

Cori Faklaris
Cori Faklaris

Presented July 15, 2018 to the 2018 Organizational Science and Cybersecurity Workshop, George Mason University, Fairfax, VA, USA. In this talk, I present the Transtheoretical Model (TTM) of Behavior Change for use in an organizational context as part of a larger reframing of end-user cybersecurity as a problem of organization health and wellness. I explain a visual diagram of six TTM Stages of Change and associated intervention strategies, as adapted from medical and wellness literature, and relate these to examples of security interventions currently in use, such as password strength indicators and Facebook Trusted Contacts. I conclude with my view that this framing can help researchers and practitioners approach “wicked problems” of organizational security that are not “tame” or one-and-done engineering problems but socio-cultural conditions that call for sustained, empowered action.

Technology
1 of 20
Download to read offline
Reframing Organizational Cybersecurity to Design for “Cyber Health” Cori Faklaris | July 15, 2018 Presentation to the 2018 Organizational Science and Cybersecurity Workshop, George Mason University, Fairfax, VA, USA
1. About me 2. Background for my work 3. Big idea 4. How to use this big idea (in theory) 5. Does this big idea work in practice Agenda Cori Faklaris - July 2018 - Carnegie Mellon University - Page 2
● PhD student researcher at Carnegie Mellon HCII ○ Social cybersecurity, Design of information systems, Emerging trends in social media and messaging apps ● M.S., Human-Computer Interaction ○ Indiana University School of Informatics and Computing ○ Thesis: The State of Digital ‘Fair Use’ ● B.S., Journalism, News-Editorial sequence ○ University of Illinois at Urbana-Champaign College of Media ● Social Media Consultant and Editor/Writer ● Previous job titles in news media included: ○ Engagement Producer, Page Designer, Copy Editor, Correspondent, Columnist, Reporter ... ○ “Doer of Things No One Else Wants to Do” (IT, UX :-) 3Cori Faklaris - July 2018 - Carnegie Mellon University - Page 3
4
Many problems in human-computer interaction are ill-defined, complex and/or involve unknown factors. The “Design Thinking” methodology provides a solutions-based approach to solving these problems. https://www.interaction-design.org/literature/article/5-stages-in-the-design-thinking-process 5 Empathize Define Ideate TestPrototype Cori Faklaris - July 2018 - Carnegie Mellon University - Page 5
“Wicked Problems”: As opposed to “tame problems” or one-and-done engineering problems, these are social conditions that call for sustained, empowered action - and for which solving one problem often creates another problem. Horst W.J. Rittel and Melvin M. Webber. 1973. “Dilemmas in a general theory of planning.” Policy sciences, 4(2), 155-169. 6Cori Faklaris - July 2018 - Carnegie Mellon University - Page 6
● Use multiple systems ● Be flexible in approaches ● Work collaboratively Christopher Crouch and Jane Pearce. 2012. Doing Research in Design. Bloomsbury. 7Cori Faklaris - July 2018 - Carnegie Mellon University - Page 7
Is Organizational Cybersecurity a “Wicked Problem?” ● A lack of definitive formulation. ● No stopping rule that determines when a solution has been found. ● Good or bad solutions rather than true or false solutions. ● Lack of immediate and ultimate tests of solutions. ● Solutions are “one-shot” operations rather than trial and error. ● Lack of criteria that indicate all solutions have been identified. ● The uniqueness of every wicked problem. 8Cori Faklaris - July 2018 - Carnegie Mellon University - Page 8
9 Social contagion Herd immunity Viral hoaxes
Transtheoretical Model of (Health) Behavior Change ● Based on James Prochaska, Carlo DiClemente and others’ work on “self-change” for smokers, substance abusers, anorexics, more. ● Attempt to pull together concepts from many different psychosocial theories into one model covering the spectrum of readiness to change. ○ Precontemplation, Contemplation, Preparation, Action, Relapse, Maintenance. ○ Termination is considered an idealistic stage and often not achieved in practice. ● In this model, humans’ readiness to change is the result of a decisional balance of pros and cons for the self and for significant others (Janis & Mann, 1977) along with self-efficacy and temptation. ○ Different cognitive values are emphasized at different stages of change. ○ Different processes are emphasized at each stage of change to move people from one stage to the next. 10Cori Faklaris - July 2018 - Carnegie Mellon University - Page 10
Source: “The Transtheoretical Model ( Stages of Change)”. 2016. Boston University School of Public Health. Last visited Feb. 7, 2018 at http://sphweb.bumc.bu.edu/otlt/MPH-Modules/SB/BehavioralChangeTheories/BehavioralChangeTheories6.html (Awareness) (Motivation) (Knowledge) (Resistance) (Reinforcement) (Denial) 11
Pre-Contemplation AW ARENESS MOTIVATION Contemplation Preparation (Determination)Action M aintenance -Regulations -Government -Society -Culture Relapse -Larger system environment -Global internet infrastructure SELF-EFFICACY TEMPTATION KNOWLEDGE REINFORCEMENT R ESISTAN C E DENIAL SITUATIONAL FACTORS SOCIAL FACTORS OTHER INDIVIDUAL FACTORS EXTERNAL FACTORS EXTERNAL FACTORS 12Cori Faklaris - July 2018 - Carnegie Mellon Univ. - Page 12
13
14
15
16
17 Fish’n’Steps: Encouraging physical activity with an interactive computer game James J. Lin, Lena Mamykina, Silvia Lindtner, Gregory Delajoux, and Henry B. Strub. 2006. In International conference on ubiquitous computing, 261–278. Cori Faklaris - July 2018 - Carnegie Mellon University - Page 17
18 Research plan to test TTM as security design model ● Create security interventions that help end users to reflect on their security practices and leverages their natural interest in helping themselves and their significant others - family, friends, partners, work teams, other social groups - to get things done and to maintain bonds. ○ Already exist and/or are in development for the Social Cybersecurity project. ○ Quiz on cybersecurity knowledge, a game application to simulate an IT help desk working on software updates, a browser plugin to crowdsource recommended settings for social media accounts, Thumprint user-authentication system. ● Assess whether there is evidence that the interventions help to move them from one Stage of Change to another stage. ○ Developing Security Sensitivity psychometric scale. ○ Conduct interviews with participants and log their system actions. Cori Faklaris - July 2018 - Carnegie Mellon University - Page 18
● Lens: Security as health ● Design model adapts TTM ● How to use the model Any questions? You can find me at ○ Twitter: @heycori | Email: heycori @cmu.edu ○ Website: http://corifaklaris.com 20 20Cori Faklaris - July 2018 - Carnegie Mellon University - Page 20

Recommended

Big data, Big prejudice: how algorithms can discriminate?
Big data, Big prejudice: how algorithms can discriminate?Big data, Big prejudice: how algorithms can discriminate?
Big data, Big prejudice: how algorithms can discriminate?
Sara_Hajian
 
The ideological problematic of (big) data and Social Informatics
The ideological problematic of (big) data and Social InformaticsThe ideological problematic of (big) data and Social Informatics
The ideological problematic of (big) data and Social Informatics
Michael Marcinkowski
 
Reframing Usable Privacy + Security to Design for 'Cyber Health'
Reframing Usable Privacy + Security to Design for 'Cyber Health'Reframing Usable Privacy + Security to Design for 'Cyber Health'
Reframing Usable Privacy + Security to Design for 'Cyber Health'
Cori Faklaris
 
Biobanks as Knowledge Institutions
Biobanks as Knowledge InstitutionsBiobanks as Knowledge Institutions
Biobanks as Knowledge Institutions
professormadison
 
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
Cori Faklaris
 
Engagement parentingsct munno
Engagement parentingsct munnoEngagement parentingsct munno
Engagement parentingsct munno
Greg Munno
 
Engagement parentingsct munno
Engagement parentingsct munnoEngagement parentingsct munno
Engagement parentingsct munno
Greg Munno
 
Vigrass_SeniorThesis
Vigrass_SeniorThesisVigrass_SeniorThesis
Vigrass_SeniorThesis
Jhena Vigrass
 

Recommended

Big data, Big prejudice: how algorithms can discriminate?
Big data, Big prejudice: how algorithms can discriminate?Big data, Big prejudice: how algorithms can discriminate?
Big data, Big prejudice: how algorithms can discriminate?
Sara_Hajian
 
The ideological problematic of (big) data and Social Informatics
The ideological problematic of (big) data and Social InformaticsThe ideological problematic of (big) data and Social Informatics
The ideological problematic of (big) data and Social Informatics
Michael Marcinkowski
 
Reframing Usable Privacy + Security to Design for 'Cyber Health'
Reframing Usable Privacy + Security to Design for 'Cyber Health'Reframing Usable Privacy + Security to Design for 'Cyber Health'
Reframing Usable Privacy + Security to Design for 'Cyber Health'
Cori Faklaris
 
Biobanks as Knowledge Institutions
Biobanks as Knowledge InstitutionsBiobanks as Knowledge Institutions
Biobanks as Knowledge Institutions
professormadison
 
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...
Cori Faklaris
 
Engagement parentingsct munno
Engagement parentingsct munnoEngagement parentingsct munno
Engagement parentingsct munno
Greg Munno
 
Engagement parentingsct munno
Engagement parentingsct munnoEngagement parentingsct munno
Engagement parentingsct munno
Greg Munno
 
Vigrass_SeniorThesis
Vigrass_SeniorThesisVigrass_SeniorThesis
Vigrass_SeniorThesis
Jhena Vigrass
 
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
University of Sydney
 
Communication For Change: A Short Guide to Social and Behavior Change (SBCC) ...
Communication For Change: A Short Guide to Social and Behavior Change (SBCC) ...Communication For Change: A Short Guide to Social and Behavior Change (SBCC) ...
Communication For Change: A Short Guide to Social and Behavior Change (SBCC) ...
CChangeProgram
 
Research proposal on impect of social media of university students.docx
Research proposal on impect of social media of university students.docxResearch proposal on impect of social media of university students.docx
Research proposal on impect of social media of university students.docx
MDNAYANMia2
 
INTS 3300 Final Research Paper
INTS 3300 Final Research PaperINTS 3300 Final Research Paper
INTS 3300 Final Research Paper
Alex Agnew
 
Big Data, Communities and Ethical Resilience: A Framework for Action
Big Data, Communities and Ethical Resilience: A Framework for ActionBig Data, Communities and Ethical Resilience: A Framework for Action
Big Data, Communities and Ethical Resilience: A Framework for Action
The Rockefeller Foundation
 
Why are some websites successful (at behavioral change) Informs International...
Why are some websites successful (at behavioral change) Informs International...Why are some websites successful (at behavioral change) Informs International...
Why are some websites successful (at behavioral change) Informs International...
Joanne Luciano
 
Introduction to social learning theory - mini lecture #acehp14
Introduction to social learning theory - mini lecture #acehp14Introduction to social learning theory - mini lecture #acehp14
Introduction to social learning theory - mini lecture #acehp14
Brian S. McGowan, PhD, FACEhp
 
Effect of Multitasking on GPA - Research Paper
Effect of Multitasking on GPA - Research PaperEffect of Multitasking on GPA - Research Paper
Effect of Multitasking on GPA - Research Paper
Divya Kothari
 
Strengths And Weaknesses Of Social Research Methods
Strengths And Weaknesses Of Social Research MethodsStrengths And Weaknesses Of Social Research Methods
Strengths And Weaknesses Of Social Research Methods
Sandra Arveseth
 
Co-designing online safety with young people in a post-crisis world.pptx
Co-designing online safety with young people in a post-crisis world.pptxCo-designing online safety with young people in a post-crisis world.pptx
Co-designing online safety with young people in a post-crisis world.pptx
University of Sydney
 
FINAL PRESENTATION - Mobile Technology & Consumer Behaviour Change
FINAL PRESENTATION - Mobile Technology & Consumer Behaviour ChangeFINAL PRESENTATION - Mobile Technology & Consumer Behaviour Change
FINAL PRESENTATION - Mobile Technology & Consumer Behaviour Change
Philip "Pip" Tsepelidis
 
Research Paper OutlineResearch Topic Negative effects of .docx
Research Paper OutlineResearch Topic Negative effects of .docxResearch Paper OutlineResearch Topic Negative effects of .docx
Research Paper OutlineResearch Topic Negative effects of .docx
audeleypearl
 
Ethical Considerations in the use of Social Media (L. Gelinas)
Ethical Considerations in the use of Social Media (L. Gelinas)Ethical Considerations in the use of Social Media (L. Gelinas)
Ethical Considerations in the use of Social Media (L. Gelinas)
Esmeralda Casas-Silva, Ph.D.
 
CHI abstract camera ready
CHI abstract camera readyCHI abstract camera ready
CHI abstract camera ready
Mark Sinclair
 
ReflectionThis course has provided me with a different perspecti.docx
ReflectionThis course has provided me with a different perspecti.docxReflectionThis course has provided me with a different perspecti.docx
ReflectionThis course has provided me with a different perspecti.docx
audeleypearl
 
Program Development and Evaluation (David Diehl, Ph.D.)
Program Development and Evaluation (David Diehl, Ph.D.)Program Development and Evaluation (David Diehl, Ph.D.)
Program Development and Evaluation (David Diehl, Ph.D.)
Kari Brill
 
Week 8 Quantitative Research DesignPrevious Next Instructio.docx
Week 8 Quantitative Research DesignPrevious Next Instructio.docxWeek 8 Quantitative Research DesignPrevious Next Instructio.docx
Week 8 Quantitative Research DesignPrevious Next Instructio.docx
philipnelson29183
 
Well-being A Sunset Conversation
Well-being A Sunset ConversationWell-being A Sunset Conversation
Well-being A Sunset Conversation
Micah Altman
 
Well-Being - A Sunset Conversation
Well-Being - A Sunset ConversationWell-Being - A Sunset Conversation
Well-Being - A Sunset Conversation
Micah Altman
 
IPRRC17
IPRRC17IPRRC17
IPRRC17
Melissa Dodd, Ph.D
 
Human Factors at the Grid Edge
Human Factors at the Grid EdgeHuman Factors at the Grid Edge
Human Factors at the Grid Edge
Cori Faklaris
 
An Introduction to Generative AI
An Introduction to Generative AIAn Introduction to Generative AI
An Introduction to Generative AI
Cori Faklaris
 

More Related Content

Similar to Reframing Organizational Cybersecurity to Design for “Cyber Health”

INTS 3300 Final Research Paper
INTS 3300 Final Research PaperINTS 3300 Final Research Paper
INTS 3300 Final Research Paper
Alex Agnew
 
Big Data, Communities and Ethical Resilience: A Framework for Action
Big Data, Communities and Ethical Resilience: A Framework for ActionBig Data, Communities and Ethical Resilience: A Framework for Action
Big Data, Communities and Ethical Resilience: A Framework for Action
The Rockefeller Foundation
 
Why are some websites successful (at behavioral change) Informs International...
Why are some websites successful (at behavioral change) Informs International...Why are some websites successful (at behavioral change) Informs International...
Why are some websites successful (at behavioral change) Informs International...
Joanne Luciano
 
Effect of Multitasking on GPA - Research Paper
Effect of Multitasking on GPA - Research PaperEffect of Multitasking on GPA - Research Paper
Effect of Multitasking on GPA - Research Paper
Divya Kothari
 
Strengths And Weaknesses Of Social Research Methods
Strengths And Weaknesses Of Social Research MethodsStrengths And Weaknesses Of Social Research Methods
Strengths And Weaknesses Of Social Research Methods
Sandra Arveseth
 
FINAL PRESENTATION - Mobile Technology & Consumer Behaviour Change
FINAL PRESENTATION - Mobile Technology & Consumer Behaviour ChangeFINAL PRESENTATION - Mobile Technology & Consumer Behaviour Change
FINAL PRESENTATION - Mobile Technology & Consumer Behaviour Change
Philip "Pip" Tsepelidis
 
Research Paper OutlineResearch Topic Negative effects of .docx
Research Paper OutlineResearch Topic Negative effects of .docxResearch Paper OutlineResearch Topic Negative effects of .docx
Research Paper OutlineResearch Topic Negative effects of .docx
audeleypearl
 
CHI abstract camera ready
CHI abstract camera readyCHI abstract camera ready
CHI abstract camera ready
Mark Sinclair
 
ReflectionThis course has provided me with a different perspecti.docx
ReflectionThis course has provided me with a different perspecti.docxReflectionThis course has provided me with a different perspecti.docx
ReflectionThis course has provided me with a different perspecti.docx
audeleypearl
 
Program Development and Evaluation (David Diehl, Ph.D.)
Program Development and Evaluation (David Diehl, Ph.D.)Program Development and Evaluation (David Diehl, Ph.D.)
Program Development and Evaluation (David Diehl, Ph.D.)
Kari Brill
 
Week 8 Quantitative Research DesignPrevious Next Instructio.docx
Week 8 Quantitative Research DesignPrevious Next Instructio.docxWeek 8 Quantitative Research DesignPrevious Next Instructio.docx
Week 8 Quantitative Research DesignPrevious Next Instructio.docx
philipnelson29183
 

Similar to Reframing Organizational Cybersecurity to Design for “Cyber Health” (20)

‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
‘Damn those ethics boards!’ How to make sense of an ethics committee approach...
 
Communication For Change: A Short Guide to Social and Behavior Change (SBCC) ...
Communication For Change: A Short Guide to Social and Behavior Change (SBCC) ...Communication For Change: A Short Guide to Social and Behavior Change (SBCC) ...
Communication For Change: A Short Guide to Social and Behavior Change (SBCC) ...
 
Research proposal on impect of social media of university students.docx
Research proposal on impect of social media of university students.docxResearch proposal on impect of social media of university students.docx
Research proposal on impect of social media of university students.docx
 
INTS 3300 Final Research Paper
INTS 3300 Final Research PaperINTS 3300 Final Research Paper
INTS 3300 Final Research Paper
 
Big Data, Communities and Ethical Resilience: A Framework for Action
Big Data, Communities and Ethical Resilience: A Framework for ActionBig Data, Communities and Ethical Resilience: A Framework for Action
Big Data, Communities and Ethical Resilience: A Framework for Action
 
Why are some websites successful (at behavioral change) Informs International...
Why are some websites successful (at behavioral change) Informs International...Why are some websites successful (at behavioral change) Informs International...
Why are some websites successful (at behavioral change) Informs International...
 
Introduction to social learning theory - mini lecture #acehp14
Introduction to social learning theory - mini lecture #acehp14Introduction to social learning theory - mini lecture #acehp14
Introduction to social learning theory - mini lecture #acehp14
 
Effect of Multitasking on GPA - Research Paper
Effect of Multitasking on GPA - Research PaperEffect of Multitasking on GPA - Research Paper
Effect of Multitasking on GPA - Research Paper
 
Strengths And Weaknesses Of Social Research Methods
Strengths And Weaknesses Of Social Research MethodsStrengths And Weaknesses Of Social Research Methods
Strengths And Weaknesses Of Social Research Methods
 
Co-designing online safety with young people in a post-crisis world.pptx
Co-designing online safety with young people in a post-crisis world.pptxCo-designing online safety with young people in a post-crisis world.pptx
Co-designing online safety with young people in a post-crisis world.pptx
 
FINAL PRESENTATION - Mobile Technology & Consumer Behaviour Change
FINAL PRESENTATION - Mobile Technology & Consumer Behaviour ChangeFINAL PRESENTATION - Mobile Technology & Consumer Behaviour Change
FINAL PRESENTATION - Mobile Technology & Consumer Behaviour Change
 
Research Paper OutlineResearch Topic Negative effects of .docx
Research Paper OutlineResearch Topic Negative effects of .docxResearch Paper OutlineResearch Topic Negative effects of .docx
Research Paper OutlineResearch Topic Negative effects of .docx
 
Ethical Considerations in the use of Social Media (L. Gelinas)
Ethical Considerations in the use of Social Media (L. Gelinas)Ethical Considerations in the use of Social Media (L. Gelinas)
Ethical Considerations in the use of Social Media (L. Gelinas)
 
CHI abstract camera ready
CHI abstract camera readyCHI abstract camera ready
CHI abstract camera ready
 
ReflectionThis course has provided me with a different perspecti.docx
ReflectionThis course has provided me with a different perspecti.docxReflectionThis course has provided me with a different perspecti.docx
ReflectionThis course has provided me with a different perspecti.docx
 
Program Development and Evaluation (David Diehl, Ph.D.)
Program Development and Evaluation (David Diehl, Ph.D.)Program Development and Evaluation (David Diehl, Ph.D.)
Program Development and Evaluation (David Diehl, Ph.D.)
 
Week 8 Quantitative Research DesignPrevious Next Instructio.docx
Week 8 Quantitative Research DesignPrevious Next Instructio.docxWeek 8 Quantitative Research DesignPrevious Next Instructio.docx
Week 8 Quantitative Research DesignPrevious Next Instructio.docx
 
Well-being A Sunset Conversation
Well-being A Sunset ConversationWell-being A Sunset Conversation
Well-being A Sunset Conversation
 
Well-Being - A Sunset Conversation
Well-Being - A Sunset ConversationWell-Being - A Sunset Conversation
Well-Being - A Sunset Conversation
 
IPRRC17
IPRRC17IPRRC17
IPRRC17
 

More from Cori Faklaris

Human Factors at the Grid Edge
Human Factors at the Grid EdgeHuman Factors at the Grid Edge
Human Factors at the Grid Edge
Cori Faklaris
 
Components of a Model of Cybersecurity Behavior Adoption
Components of a Model of Cybersecurity Behavior AdoptionComponents of a Model of Cybersecurity Behavior Adoption
Components of a Model of Cybersecurity Behavior Adoption
Cori Faklaris
 
A Self-Report Measure of End-User Security Attitudes (SA-6)
A Self-Report Measure of End-User Security Attitudes (SA-6)A Self-Report Measure of End-User Security Attitudes (SA-6)
A Self-Report Measure of End-User Security Attitudes (SA-6)
Cori Faklaris
 
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
Cori Faklaris
 
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
Cori Faklaris
 

More from Cori Faklaris (15)

Human Factors at the Grid Edge
Human Factors at the Grid EdgeHuman Factors at the Grid Edge
Human Factors at the Grid Edge
 
An Introduction to Generative AI
An Introduction to Generative AIAn Introduction to Generative AI
An Introduction to Generative AI
 
Components of a Model of Cybersecurity Behavior Adoption
Components of a Model of Cybersecurity Behavior AdoptionComponents of a Model of Cybersecurity Behavior Adoption
Components of a Model of Cybersecurity Behavior Adoption
 
Behavior Change Using Social Influences
Behavior Change Using Social InfluencesBehavior Change Using Social Influences
Behavior Change Using Social Influences
 
Designing for Usable Security and Privacy
Designing for Usable Security and PrivacyDesigning for Usable Security and Privacy
Designing for Usable Security and Privacy
 
A Self-Report Measure of End-User Security Attitudes (SA-6)
A Self-Report Measure of End-User Security Attitudes (SA-6)A Self-Report Measure of End-User Security Attitudes (SA-6)
A Self-Report Measure of End-User Security Attitudes (SA-6)
 
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...
 
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...
 
Social Media Best Practices - CMU Fall 2017
Social Media Best Practices - CMU Fall 2017Social Media Best Practices - CMU Fall 2017
Social Media Best Practices - CMU Fall 2017
 
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...
 
"Visualizing Email Content": Article discussion slides
"Visualizing Email Content": Article discussion slides"Visualizing Email Content": Article discussion slides
"Visualizing Email Content": Article discussion slides
 
Together: An app to foster community for young urbanites
Together: An app to foster community for young urbanitesTogether: An app to foster community for young urbanites
Together: An app to foster community for young urbanites
 
The State of E-Discovery as Social Media Goes Mobile
The State of E-Discovery as Social Media Goes Mobile The State of E-Discovery as Social Media Goes Mobile
The State of E-Discovery as Social Media Goes Mobile
 
5 ideas for paying for college as an adult returning student
5 ideas for paying for college as an adult returning student5 ideas for paying for college as an adult returning student
5 ideas for paying for college as an adult returning student
 
Social media boot camp: "HeyCori"'s tips for successful engagement online
Social media boot camp: "HeyCori"'s tips for successful engagement onlineSocial media boot camp: "HeyCori"'s tips for successful engagement online
Social media boot camp: "HeyCori"'s tips for successful engagement online
 

Recently uploaded

Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
CzechDreamin
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
Expeed Software
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 

Recently uploaded (20)

How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and Planning
 

Reframing Organizational Cybersecurity to Design for “Cyber Health”

  • 1. Reframing Organizational Cybersecurity to Design for “Cyber Health” Cori Faklaris | July 15, 2018 Presentation to the 2018 Organizational Science and Cybersecurity Workshop, George Mason University, Fairfax, VA, USA
  • 2. 1. About me 2. Background for my work 3. Big idea 4. How to use this big idea (in theory) 5. Does this big idea work in practice Agenda Cori Faklaris - July 2018 - Carnegie Mellon University - Page 2
  • 3. ● PhD student researcher at Carnegie Mellon HCII ○ Social cybersecurity, Design of information systems, Emerging trends in social media and messaging apps ● M.S., Human-Computer Interaction ○ Indiana University School of Informatics and Computing ○ Thesis: The State of Digital ‘Fair Use’ ● B.S., Journalism, News-Editorial sequence ○ University of Illinois at Urbana-Champaign College of Media ● Social Media Consultant and Editor/Writer ● Previous job titles in news media included: ○ Engagement Producer, Page Designer, Copy Editor, Correspondent, Columnist, Reporter ... ○ “Doer of Things No One Else Wants to Do” (IT, UX :-) 3Cori Faklaris - July 2018 - Carnegie Mellon University - Page 3
  • 4. 4
  • 5. Many problems in human-computer interaction are ill-defined, complex and/or involve unknown factors. The “Design Thinking” methodology provides a solutions-based approach to solving these problems. https://www.interaction-design.org/literature/article/5-stages-in-the-design-thinking-process 5 Empathize Define Ideate TestPrototype Cori Faklaris - July 2018 - Carnegie Mellon University - Page 5
  • 6. “Wicked Problems”: As opposed to “tame problems” or one-and-done engineering problems, these are social conditions that call for sustained, empowered action - and for which solving one problem often creates another problem. Horst W.J. Rittel and Melvin M. Webber. 1973. “Dilemmas in a general theory of planning.” Policy sciences, 4(2), 155-169. 6Cori Faklaris - July 2018 - Carnegie Mellon University - Page 6
  • 7. ● Use multiple systems ● Be flexible in approaches ● Work collaboratively Christopher Crouch and Jane Pearce. 2012. Doing Research in Design. Bloomsbury. 7Cori Faklaris - July 2018 - Carnegie Mellon University - Page 7
  • 8. Is Organizational Cybersecurity a “Wicked Problem?” ● A lack of definitive formulation. ● No stopping rule that determines when a solution has been found. ● Good or bad solutions rather than true or false solutions. ● Lack of immediate and ultimate tests of solutions. ● Solutions are “one-shot” operations rather than trial and error. ● Lack of criteria that indicate all solutions have been identified. ● The uniqueness of every wicked problem. 8Cori Faklaris - July 2018 - Carnegie Mellon University - Page 8
  • 10. Transtheoretical Model of (Health) Behavior Change ● Based on James Prochaska, Carlo DiClemente and others’ work on “self-change” for smokers, substance abusers, anorexics, more. ● Attempt to pull together concepts from many different psychosocial theories into one model covering the spectrum of readiness to change. ○ Precontemplation, Contemplation, Preparation, Action, Relapse, Maintenance. ○ Termination is considered an idealistic stage and often not achieved in practice. ● In this model, humans’ readiness to change is the result of a decisional balance of pros and cons for the self and for significant others (Janis & Mann, 1977) along with self-efficacy and temptation. ○ Different cognitive values are emphasized at different stages of change. ○ Different processes are emphasized at each stage of change to move people from one stage to the next. 10Cori Faklaris - July 2018 - Carnegie Mellon University - Page 10
  • 11. Source: “The Transtheoretical Model ( Stages of Change)”. 2016. Boston University School of Public Health. Last visited Feb. 7, 2018 at http://sphweb.bumc.bu.edu/otlt/MPH-Modules/SB/BehavioralChangeTheories/BehavioralChangeTheories6.html (Awareness) (Motivation) (Knowledge) (Resistance) (Reinforcement) (Denial) 11
  • 13. 13
  • 14. 14
  • 15. 15
  • 16. 16
  • 17. 17 Fish’n’Steps: Encouraging physical activity with an interactive computer game James J. Lin, Lena Mamykina, Silvia Lindtner, Gregory Delajoux, and Henry B. Strub. 2006. In International conference on ubiquitous computing, 261–278. Cori Faklaris - July 2018 - Carnegie Mellon University - Page 17
  • 18. 18 Research plan to test TTM as security design model ● Create security interventions that help end users to reflect on their security practices and leverages their natural interest in helping themselves and their significant others - family, friends, partners, work teams, other social groups - to get things done and to maintain bonds. ○ Already exist and/or are in development for the Social Cybersecurity project. ○ Quiz on cybersecurity knowledge, a game application to simulate an IT help desk working on software updates, a browser plugin to crowdsource recommended settings for social media accounts, Thumprint user-authentication system. ● Assess whether there is evidence that the interventions help to move them from one Stage of Change to another stage. ○ Developing Security Sensitivity psychometric scale. ○ Conduct interviews with participants and log their system actions. Cori Faklaris - July 2018 - Carnegie Mellon University - Page 18
  • 19.
  • 20. ● Lens: Security as health ● Design model adapts TTM ● How to use the model Any questions? You can find me at ○ Twitter: @heycori | Email: heycori @cmu.edu ○ Website: http://corifaklaris.com 20 20Cori Faklaris - July 2018 - Carnegie Mellon University - Page 20