The Human in_security - deception, weapons, crime & culture
Episode 119

In this episode we have a wide-ranging discussion on the human in cybersecurity with Dr. Iain Reid from the University of Portsmouth. We get into the application of psychology to cybersecurity, including deception, risk perception, and responsibility. We talk about who carries the burden of defence, how software developers think about security, and what deception looks like in both cybercrime and cyberwarfare.

Cybercrimeology

July 1, 2025 · 27m 37s

Show Notes

About our guest:

Dr. Iain Reid

Senior Lecturer in Cybercrime

University of Portsmouth

https://www.port.ac.uk/about-us/structure-and-governance/our-people/our-staff/iain-reid

Topics discussed in this episode:

  • How principles of military deception map onto cybersecurity
  • Why the phrase “the human is the weakest link” oversimplifies risk
  • What it’s like to research developer perspectives on secure software
  • The psychology of decision-making in phishing attacks
  • How time pressure influences risky digital behaviour
  • The limits of “security culture” as an organizational solution
  • How cyber deception fits within defence-in-depth

Papers or resources mentioned:

Reid, I., Okeke-Ramos, A., & Serafin, M. (2024). Exploring the ethics of cyber deception technologies for defensive cyber deception. In P. Bednar, J. Kävrestad, E. Bergström, M. Rajanen, H. V. Hult, A. M. Braccini, A. S. Islind, & F. Zaghloul (Eds.), Proceedings of the 10th International Conference on Socio-Technical Perspectives in Information Systems (STPIS 2024) (pp. 140-148). (CEUR Workshop Proceedings). https://ceur-ws.org/Vol-3857

Whaley, B. (2007). Stratagem: deception and surprise in war. Artech.

Rowe, N.C., Rrushi, J. (2016). Measuring Deception. In: Introduction to Cyberdeception. Springer, Cham. https://doi.org/10.1007/978-3-319-41187-3_11

Ashenden, D., Ollis, G., & Reid, I. (2022, October). Dancing, not Wrestling: Moving from Compliance to Concordance for Secure Software Development. In Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (pp. 1-9).

Paris Call for Trust and Security in Cyberspace

https://pariscall.international

Other

I would like to thank Dudley the French Bulldog for the invaluable (unavoidable) contribution to this episode.

Topics

academia, human-factor, deception, research, phishing, cybersecurity, education