Verena Zimmermann, ETH Zürich
From 12.00 until 13.30
At CNB/F/110 (Lunch) + CAB G 52 (Seminar), ETH Zurich
CNB/F/110 (Lunch) + CAB G 52 (Seminar), ETH Zurich
Abstract:
The role of the human for security and privacy is highly relevant, e.g., when it comes to secure authentication, communication, or the detection of phishing e-mails. As such, the human is an important element in today’s security-critical systems. Yet, humans have often been considered a weak link as it is finally them who create weak passwords or click on phishing links. Measures to prevent these insecure behaviours include automation, training or the creation of policies. But why do users behave insecurely in the first place? And how can we change that?
This talk first aims to shine light on the psychological aspects of IT security and privacy that help to understand human security behaviour. Second, it will provide examples from different application areas that show how the consideration of human factors can support the design of more usable security and privacy solutions. Third, it will outline a mindset that suggests to go even one step further: Rather than only viewing the human as a weak link to be dealt with, the mindset suggests to view the human as potential solution with regards to security and privacy. The talk will discuss ideas and challenges for this change in perspective and for enabling the human to be an active contributor to security.
Join us in CNB/F/110 (Lunch) + CAB G 52 (Seminar).