Cyber Crime and Human Factors

IT systems are constantly evolving, both in terms of their level of technical sophistication and complexity, and capability to mitigate potential security threats. Current software systems are more reactive than proactive in terms of detecting security threats and protecting against system vulnerabilities. This will likely continue for the foreseeable future. As a result, cyber-attacks and hacks are easier to implement, users of all types and levels of experience are more easily deceived, and systems easier to compromise. For instance, email phishing—where users are deceived into executing malicious code on their own system—is now commonplace, which can render systems inoperable and hold end users to ransom. Although some safeguards are usually put in place, the detection of these and similar attacks, as well as taking necessary precautions and mitigating actions, are often the sole responsibility of the end user or system operator. This presents a considerable cognitive, social and technical challenge. A core ambition of cyber-security research within the SSI is to support cyber sensemaking and situation awareness and implement strong safeguards to prevent user-focused attacks from occurring.

Please see our Cyber Security PhD Scholarships.