By learning how other unrelated sectors and domains successfully build trust and communicate risk it is hoped that the IT industry can encourage computer users to behave in a far more secure manner when surfing the internet and doing business in cyber space.
A competition for a human factors working group has been launched by the DTI (Department for Trade and Industry) -funded Cyber Security Knowledge Transfer Network (KTN) to reflect concern that more needs to be done to help users of cyber space protect themselves and the UK's critical infrastructure from the increase in cyber attacks and organised e-crime. Criminals and hackers frequently dupe users into releasing sensitive and valuable information or introducing viruses onto their computers and associated networks, often employing sophisticated social engineering techniques to exploit these human weaknesses.
The IT security community has given only patchy consideration to these human factors issues and the KTN working group, participation in which will be funded up to a value of £50,000, has been tasked with outlining best practice and insights from other disciplines. Experts in marketing, sociology, cognitive psychology, the psychology of faith and cult groups, design and ergonomics could be consulted.
QinetiQ's Sadie Creese, director of the Cyber Security KTN, said: "In the digital age, where we are increasingly connected to each other, a vulnerability introduced because of one person's actions can have implications throughout a whole network. The bad guys understand this and exploit these user-based weaknesses very effectively.
"As a community we have a responsibility to help users protect themselves and, by extension, protect all of us. Rather than address this challenge in an insular way we feel we can benefit from the experience and expertise of other unrelated domains. We remain open-minded as to which domains are consulted. This will be defined by the winning proposal."
The working group will investigate practical measures the community might adopt to improve security practices. The KTN is particularly interested in:
- communicating the risks associated with interactions in the cyber community domain, with particular emphasis on use of the Internet;
- building trust in cyber security technologies, solutions and practices;
- building demand for cyber security solutions;
- developing cyber security software and solutions which are easy to use by non-expert users.
A white paper will be produced early next year detailing the approaches that will have the greatest potential practical application and impact. This will be placed into the public domain by the KTN.
The Cyber Security KTN, managed and directed by QinetiQ, was established earlier this year to tackle some of the universal digital security challenges facing the UK by drawing together the country's best industry, academia and government digital security expertise.
Other KTN activities include a group established to address how to best deploy and manage a global identity management system, a group examining the business models for trusted computing and another group looking at how best to measure the level of risk users are exposed to when using the internet.
Ben White | alfa
Stable magnetic bit of three atoms
21.09.2017 | Sonderforschungsbereich 668
Drones can almost see in the dark
20.09.2017 | Universität Zürich
A warming planet
19.09.2017 | Event News
12.09.2017 | Event News
06.09.2017 | Event News
25.09.2017 | Physics and Astronomy
25.09.2017 | Trade Fair News
25.09.2017 | Physics and Astronomy