Parkin, S; Chua, YT; (2021) Refining the Blunt Instruments of Cybersecurity: A Framework to Coordinate Prevention and Preservation of Behaviours. In: Proceedings of the 10th International Workshop on Socio-Technical Aspects in Security. Springer: Guildford, UK. (In press).

Preview

Text STAST2020.pdf - Accepted Version Download (607kB) | Preview

Abstract

Background. Cybersecurity controls are deployed to manage risks posed by malicious behaviours or systems. What is not often considered or articulated is how cybersecurity controls may impact legitimate users (often those whose use of a managed system needs to be protected, and preserved). This characterises the ‘blunt’ nature of many cybersecurity controls. Aim. Here we present a synthesis of methods from cybercrime opportunity reduction and behaviour change. Method. We illustrate the method and principles with a range of examples and a case study focusing on online abuse and social media controls,relating in turn to issues inherent in cyberbullying and tech-abuse. Results. The framework describes a capacity to improve the precision of cybersecurity controls, identifying opportunities for risk owners to better protect legitimate users while simultaneously acting to prevent malicious activity in a managed system. Conclusions. We describe capabilities for a novel approach to managing sociotechnical cyber-risk, which can be integrated into typical risk management processes, to allow for side-by-side consideration of efforts to prevent and preserve different behaviours in a system, by examining their shared determinants.

Download activity - last month

Export as JSONXMLCSV

Download activity - last 12 months

Export as XMLCSVJSON

Downloads by country - last 12 months

Export as JSONCSVXML

Archive Staff Only

View Item