In the cSALSA project, we take a lifespan approach to studying how cyber-security is understood, and the attitudes and behaviours of people to cyber-security and risk.

The project studies cyber-security across three main life stages – amongst young people, those of working age, and older people. The research project focuses on how people’s attitudes and behaviours towards cyber-security and risk change across the lifespan in sync with their goals and aspirations, cognitive abilities and knowledge and ability to control and adapt their cyber-security behaviour.

Importantly, we recognize that neither cyber-security related behaviours nor life course development occur in a vacuum. Rather, they are part of a complex inter-play of individual characteristics, elements shared with others in a particular life stage, and the dynamic context in which the person finds themselves. These contexts include aspects of family life, organizational structures, cognitive capacity and knowledge, and social support networks.

Website: www.csalsa.uk

Author: James Nicholson

James is a Lecturer in the School of Computer and Information Sciences. James is interested in many aspects of cybersecurity and privacy, including usable security, social engineering, lay users’ understanding of cybersecurity, multifactor authentication, everyday surveillance, and inclusive cybersecurity. Previously, James was a senior researcher in PaCT Lab working on the Cybersecurity Across the Lifespan (cSALSA) project. The project explores how cyber-security is understood, and the attitudes and behaviours of people to cyber-security and risk. During his time in PaCT Lab, James also worked on Choice Architecture for Information Security (ChAISe), Digital Economy Research Centre (DERC), and the Horizon 2020 project CYBECO. Prior to PaCT Lab, James worked at Open Lab, Newcastle University on the TEDDI and SiDE projects. James’ work has focused on improving user authentication, both by repurposing existing graphical authentication systems and by evaluating novel ones. He is also interested in user privacy and how groups of users (children, parents, older adults) experience location tracking technologies, as well as how CCTV video can be crowdsourced to de-centralise the surveillance landscape. More recently, he has developed tools and methodologies for uncovering and understanding employees’ mental models of security threats with the aim of improving training programmes and/or organisational policies, as well as practical means for improving users’ protection against these security threats (e.g. phishing). James obtained his BSc (Information Systems) from Newcastle University in 2008, and his MRes Psychology from Northumbria University in 2009. James’ PhD work – completed in 2012 – explored user authentication in the context of older adults under the supervision of Professor Lynne Coventry and Professor Pam Briggs.