IMPRINTS (Identity Management – Public Responses to Identity Technologies and Services) was a comparative and multidisciplinary research project, asking about the influences on UK and US publics to engage and/or disengage with identity management practices, services and technologies of the future. These involved, among others, new forms of biometric authentication; innovative ‘smart’ tokens like ID or customer cards, jewellery, garment, or further enhanced smart phones. These technologies have become subject to paradoxical processes of acceptance and rejection, with members of the public warmly embracing the one and fiercely rejecting the other. In this research we gained a better understanding of these paradoxes in order to facilitate public debate, policy development and user-centric applications.
More information: www.imprintsfutures.com
Personal data and its protection is a key feature of the new GDPR. This includes clear limitations on is collection, storage and use being outlined in law, but also requires disclosure of data breaches, for which a high financial penalty may be applied. Our research has demonstrated that the accumulation and failure to delete digital data is very common, and lack of individual and organisational awareness of exactly what data is being held, may lead to inadvertent lack of compliance with GDPR, and also have cybersecurity implications. In this project we aim to measure the extent of digital accumulation of personal data, and interview stakeholder employees and management to assess the extent of this issue, and how effective are current organizational attempts to address employee understanding and compliance. We also aim to gain insight into developing intervention strategies to encourage employees to think more carefully about email deletion, especially in relation to personal data.
Choice Architecture for Information Security is a project within the Research Institute in the Science of Cyber Security, a joint initiative between EPSRC and GCHQ. The project is a collaboration between Newcastle University and Northumbria University. In particular, it involves researchers from Northumbria University’s Psychology and Communication Technology (PaCT) Lab and Warning, Advice & Reporting Point (nuWARP) and Newcastle University’s School of Computing Science and Centre for Cybercrime and Computer Security (CCCS).
For more information about the ChAISE project, please select one of the following two links:
CYBECO will research, develop, demonstrate, evaluate and exploit a new framework for managing cybersecurity risks, one that is focusing on cyberinsurance, as key risk management treatment. CYBECO integrates multidisciplinary research methods from Behavioural Economics, Statistics, Game and Decision Theory, Security Engineering and Behavioral Psychology in order to develop new concepts and models that are combined within a prototype software architecture (CYBECO Toolbox 2.0). CYBECO recognizes that the cyberinsurance domain is not adequately developed, partly due to the lack of sufficiently large statistical data sample and partly due to the difficulties customers face when deciding on their cyberinsurance investment options. CYBECO will address both these barriers, aiming at delivering advances clearly positioned beyond the State-of-the-Art. We plan to implement a prototype tool that will demonstrate and promote the CYBECO model and concepts. We then foresee to perform behavioural experiments to validate current institutional cybersecurity frameworks and to provide relevant policy insights, particularly in reference to behavioural nudges in cybersecurity. The CYBECO consortium is composed by complementary partners, coming from the addressed research, technological and market domains, that have a proven track record of high quality research capacity. Thus, the carefully structured workplan, embodies a holistic approach towards meeting the CYBECO objectives and delivering market-relevant outcomes of significant exploitation potential.
In the cSALSA project, we take a lifespan approach to studying how cyber-security is understood, and the attitudes and behaviours of people to cyber-security and risk.
The project studies cyber-security across three main life stages – amongst young people, those of working age, and older people. The research project focuses on how people’s attitudes and behaviours towards cyber-security and risk change across the lifespan in sync with their goals and aspirations, cognitive abilities and knowledge and ability to control and adapt their cyber-security behaviour.
Importantly, we recognize that neither cyber-security related behaviours nor life course development occur in a vacuum. Rather, they are part of a complex inter-play of individual characteristics, elements shared with others in a particular life stage, and the dynamic context in which the person finds themselves. These contexts include aspects of family life, organizational structures, cognitive capacity and knowledge, and social support networks.