The Human in_security - deception, weapons, crime & culture

About our guest:Dr. Iain ReidSenior Lecturer in CybercrimeUniversity of Portsmouthhttps://www.port.ac.uk/about-us/structure-and-governance/our-people/our-staff/iain-reid Topics discussed in this episode:How principles of military deception map onto cybersecurityWhy the phrase “the human is the weakest link” oversimplifies riskWhat it’s like to research developer perspectives on secure softwareThe psychology of decision-making in phishing attacksHow time pressure influences risky digital behaviourThe limits of “security culture” as an organizational solutionHow cyber deception fits within defence-in-depth Papers or resources mentioned:Reid, I., Okeke-Ramos, A., & Serafin, M. (2024). Exploring the ethics of cyber deception technologies for defensive cyber deception. In P. Bednar, J. Kävrestad, E. Bergström, M. Rajanen, H. V. Hult, A. M. Braccini, A. S. Islind, & F. Zaghloul (Eds.), Proceedings of the 10th International Conference on Socio-Technical Perspectives in Information Systems (STPIS 2024) (pp. 140-148). (CEUR Workshop Proceedings). https://ceur-ws.org/Vol-3857Whaley, B. (2007). Stratagem: deception and surprise in war. Artech.Rowe, N.C., Rrushi, J. (2016). Measuring Deception. In: Introduction to Cyberdeception. Springer, Cham. https://doi.org/10.1007/978-3-319-41187-3_11Ashenden, D., Ollis, G., & Reid, I. (2022, October). Dancing, not Wrestling: Moving from Compliance to Concordance for Secure Software Development. In Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (pp. 1-9).Paris Call for Trust and Security in Cyberspacehttps://pariscall.international OtherI would like to thank Dudley the French Bulldog for the invaluable (unavoidable) contribution to this episode.