Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Users are not stupid: Six cyber security pitfalls overturned
Cyber Security: A Peer-Reviewed Journal,
6
(3),
230-241
(2023)
Abstract
The skilled and dedicated professionals who strive to improve cyber security may unwittingly fall victim to misconceptions and pitfalls that hold other people back from reaching their full potential of being active partners in security. These pitfalls often reflect the cyber security community’s dependence on technology and failure to fully appreciate the human element. This paper offers cyber security professionals a primer so they can recognise and overcome six human element pitfalls in cyber security. In addition to gaining an awareness of these pitfalls, readers will learn about specific strategies on how to improve cyber security and empower users by addressing the human element in their organisations’ cyber security products, processes and policies.
Keywords: cyber security; usability; usable security; human element; users
The full article is available to subscribers to the journal.
Author's Biography
Julie Haney conducts research about the human element of cyber security, including the usability and adoption of cyber security solutions, work practices of cyber security professionals and people’s perceptions of privacy and cyber security. She has been an invited speaker at numerous cyber security forums spanning industry, government and academia, and has published peer-reviewed articles in both research and practitioner publications. Prior to joining NIST in 2018, Julie spent over 20 years working in the U.S. Department of Defense as a cyber security professional and technical director where she conducted vulnerability assessments, wrote widely used cyber security guidance, and advocated for the adoption of cyber security mitigations. She has a PhD in human-centred computing from University of Maryland, Baltimore County, an MSc in computer science from University of Maryland and a BSc in computer science from Loyola University Maryland.
