The human factor in cybersecurity is frequently assessed by means of awareness campaigns. Although awareness is one ingredient for behavioural change, efforts to increase awareness have had limited effect on actual cybersecure behaviour. This is due to the fact; knowing what you should do is not the same as actually doing it. So, in order to achieve a more cybersecure environment, one should focus on behaviour as end goal. Our team of psychologists investigated the reasons why desired cybersecure behaviours are not performed yet. The results show that besides awareness, or rather ability, two other factors determine whether behaviour takes place or not: motivation and opportunity. By applying these insights we go beyond awareness and contribute to actual more secure behaviour.
Details
time: 12:20
speakers: Inge Wetzer
Other sessions:
How to Determine Reasonable Security?
You Should Get Some (Cyber) Exercise!
Cyber Supervision in the Netherlands
Monitoring and Cleaning Up Infected IoT Devices in the Netherlands
The Italian Cyber Security Landscape: Building a Resilient Nation
Current State and Development of DNS Security and Privacy