Nav: Home

Same computer password for the last 10 years? You might need a vibrating cybernudge

May 15, 2019

Technology used in exercise and lifestyle apps may hold the key to answering that most difficult of challenges - getting people to change their passwords and better protect their online privacy and data.

Over the last five years the cost of cyberattacks is reported to have risen by 67%, with the majority of these data breaches being traced back to human error. It is anticipated that 75% of UK companies plan to address human factors in cyberattacks in the next three years in an attempt to mitigate this.

Taking inspiration from exercise and fitness apps that successfully nudge people to make behavioural change, researchers from the University of Bath and Goldsmiths, University of London are investigating whether a simple device that plugs in to a PC and signals when action is needed with gentle sound, lights or vibration could make the difference.

People routinely put off, ignore or forget cyber security measures such as changing passwords, updating privacy settings and locking computer screens. And traditional cyber security training is failing to galvanise people to act on straightforward security measures.

Dr Emily Collins, Research Associate at the University of Bath's School of Management, said: "Humans are the weak link in cyber security. We know that people feel overloaded with data breaches reported in the news and overwhelmed about what they should be doing to protect themselves. Many of us know we're not on top of security, but translating that nagging worry into positive action just isn't happening. It's leaving us all open to serious security threats."

The researchers hope the project, with funding from the Home Office via the National Cyber Security Programme, will help to build better habits through a subtle desktop reminder designed to gently nudge people into action without it becoming an annoyance or distraction.

"Work-based training on cyber security is generally very conventional, often just delivered as a one-off when people join an organisation. There's scope to learn from health psychology to pinpoint what motivates people to take action to protect their cyber security. Our project recognises that people can respond to a gentle, well-timed nudge and is investigating the most effective way of doing that," Dr Collins said.

The project, entitled Encouraging cyber security behaviour through gentle interventions: Can ambient displays support users in making more secure decisions? will use Adafruit Circuit Playgrounds, which can be programmed to detect when people leave their desks for example and remind them to lock their screen through a sequence of lights, sounds or vibrations.

The research team will create a working prototype with open-source code to be available to businesses later in the year. It could be tailored for home use in the future.

Dr Sarah Wiseman, lecturer in computer science at Goldsmiths, University of London, said: "The Adafruit Circuit Playgrounds are a fantastic opportunity to do some rapid prototyping with participants. The inbuilt functionality on the boards means that you don't need much experience with electronics to take a conacept from idea to reality."

The research team, including Dr Joanne Hinds, Research Associate at Bath, is inviting people to take part in a creative element of the study by drawing their cyber security concerns and solutions. The findings will help the team to develop more innovative, creative ways to tackle cyber security problems. For more information, or to take part, visit https://tinyurl.com/yxluc6lf.
-end-


University of Bath

Related Cyber Security Articles:

Under cyber attack: UH researchers look at how to catch a 'phisher'
As cybersecurity experts scramble to stop another wave of ransomware and malware scams that have infected computers around the world, computer science experts at the University of Houston are 'phishing' for reasons why these types of attacks are so successful.
Sonic cyber attack shows security holes in ubiquitous sensors
Sound waves could be used to hack into critical sensors in a broad array of technologies including smartphones, automobiles, medical devices and the Internet of Things, University of Michigan research shows.
Body of knowledge to provide foundations for training next generation of cyber security specialists
A comprehensive 'Body of Knowledge' to inform and underpin education and professional training for the cyber security sector is set to be created through a major international program of work.
NTU and FireEye join forces to grow the ranks of Singapore's cyber security experts
Nanyang Technological University, Singapore (NTU Singapore) and leading cyber security company FireEye are inking a partnership to explore new areas in cyber security research, and to develop courses to meet the rising demand for cyber security professionals needed to help defend critical networks.
Cyber attacks increase stress hormone levels and perceptions of vulnerability
A new study shows that individuals exposed to a simulated cyber-terror attack had significantly increased levels of the stress hormone cortisol in their saliva compared to a control group.
Streamlining the Internet of Things and other cyber-physical systems
In an Institute of Electrical and Electronics Engineers (IEEE) keynote paper, computer engineers lay out a framework to improve research on cyber-physical systems.
Greater readiness repels cyber threats to manufacturers
Together with the National Emergency Supply Agency and the private sector, VTT Technical Research Centre of Finland has developed tailored solutions bringing improved cyber security and disruption-free operations to manufacturers.
New software continuously scrambles code to foil cyber attacks
New code-scrambling software developed at Columbia sets a deadline on malicious hackers, effectively closing the window of opportunity for so-called code-reuse attacks.
Cyber Security Survey reveals darknet use higher among 18- to 24-year-olds
The survey, now in its third year, also revealed that at least 4 percent of British adults have been victims of ransomware, where their computer has had malware installed, which encrypts their data and then faced demands for a payment to restore it back to normal.
HFES Annual Meeting presentations to focus on human factors in cyber security
The more data that goes mobile, the greater is exposure to vulnerabilities, requiring a deeper understanding of human factors so that cyber security systems and processes can be improved.

Related Cyber Security Reading:

Best Science Podcasts 2019

We have hand picked the best science podcasts for 2019. Sit back and enjoy new science podcasts updated daily from your favorite science news services and scientists.
Now Playing: TED Radio Hour

Jumpstarting Creativity
Our greatest breakthroughs and triumphs have one thing in common: creativity. But how do you ignite it? And how do you rekindle it? This hour, TED speakers explore ideas on jumpstarting creativity. Guests include economist Tim Harford, producer Helen Marriage, artificial intelligence researcher Steve Engels, and behavioral scientist Marily Oppezzo.
Now Playing: Science for the People

#524 The Human Network
What does a network of humans look like and how does it work? How does information spread? How do decisions and opinions spread? What gets distorted as it moves through the network and why? This week we dig into the ins and outs of human networks with Matthew Jackson, Professor of Economics at Stanford University and author of the book "The Human Network: How Your Social Position Determines Your Power, Beliefs, and Behaviours".