Steven Furnell (short bio)
Plymouth University, United Kingdom
Monday, 23 June 2014, 09:00 - 12:30
To raise awareness of the role that people play within cybersecurity, and the ways in which processes and technologies are required to support them in this context.
It is increasingly recognised that effective security cannot be achieved without ensuring appropriate buy-in and understanding from the users involved. This session will examine the crucial role that people consequently play in the context of cybersecurity, and the ways in which the surrounding technologies and processes are needed to support them.
The first segment considers the issue of security culture, examining the means by which users can be encouraged to consider and practice security in their day-to-day activities. Underlying topics here will range from the need for a suitable security policy, accompanied by effective means of promoting awareness and training around it, and the factors that need to be recognised when promoting security to a potentially complacent (and possibly even resistant) audience.
From this foundation, focus then turns towards the importance of security technologies and the range of examples that typical users are likely to encounter. A key issue here is the usability of the approaches, encompassing aspects such as whether users can understand the information presented to them and the decisions they may be asked to make, and the overhead imposed by the technology in terms of time commitment and performance. All of these aspects can have a tangible impact upon the user experience, and whether their systems and data will ultimately receive appropriate protection.
Any attendees (from the HAS thematic area or the wider conference) with an interest in understanding the need for security culture and the importance of usable security technologies.
Prof. Steven Furnell is the head of the Centre for Security, Communications & Network Research at Plymouth University in the United Kingdom, and an Adjunct Professor with Edith Cowan University in Western Australia. His interests include security management and culture, computer crime, user authentication, and security usability. Prof. Furnell is active within three working groups of the International Federation for Information Processing (IFIP) - namely Information Security Management, Information Security Education, and Human Aspects of Information Security & Assurance. He is the author of over 240 papers in refereed international journals and conference proceedings, as well as books including Cybercrime: Vandalizing the Information Society (2001) and Computer Insecurity: Risking the System (2005). He is also the editor-in-chief of Information Management & Computer Security, and the co-chair of the Human Aspects of Information Security & Assurance (HAISA) symposium. Steve is active in a variety of professional bodies, and is a Fellow of the BCS, a Senior Member of the IEEE, and a full member of the Institute of Information Security Professionals. Further details can be found at www.plymouth.ac.uk/cscan, with a variety of security podcasts also available via www.cscan.org/podcasts. Steve can also be followed on Twitter (@smfurnell).