In this episode we have a wide-ranging discussion on the human in cybersecurity with Dr. Iain Reid from the University of Portsmouth. We get into the application of psychology to cybersecurity, including deception, risk perception, and responsibility. We talk about who carries the burden of defence, how software developers think about security, and what deception looks like in both cybercrime and cyberwarfare.
About our guest:
Dr. Iain Reid
Senior Lecturer in Cybercrime
University of Portsmouth
https://www.port.ac.uk/about-us/structure-and-governance/our-people/our-staff/iain-reid
Topics discussed in this episode:
Papers or resources mentioned:
Reid, I., Okeke-Ramos, A., & Serafin, M. (2024). Exploring the ethics of cyber deception technologies for defensive cyber deception. In P. Bednar, J. Kävrestad, E. Bergström, M. Rajanen, H. V. Hult, A. M. Braccini, A. S. Islind, & F. Zaghloul (Eds.), Proceedings of the 10th International Conference on Socio-Technical Perspectives in Information Systems (STPIS 2024) (pp. 140-148). (CEUR Workshop Proceedings). https://ceur-ws.org/Vol-3857
Whaley, B. (2007). Stratagem: deception and surprise in war. Artech.
Rowe, N.C., Rrushi, J. (2016). Measuring Deception. In: Introduction to Cyberdeception. Springer, Cham. https://doi.org/10.1007/978-3-319-41187-3_11
Ashenden, D., Ollis, G., & Reid, I. (2022, October). Dancing, not Wrestling: Moving from Compliance to Concordance for Secure Software Development. In Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (pp. 1-9).
Paris Call for Trust and Security in Cyberspace
https://pariscall.international
Other
I would like to thank Dudley the French Bulldog for the invaluable (unavoidable) contribution to this episode.