Parkin, S;
Chua, YT;
(2021)
Refining the Blunt Instruments of Cybersecurity: A Framework to Coordinate Prevention and Preservation of Behaviours.
In:
Proceedings of the 10th International Workshop on Socio-Technical Aspects in Security.
Springer: Guildford, UK.
(In press).
Preview |
Text
STAST2020.pdf - Accepted Version Download (607kB) | Preview |
Abstract
Background. Cybersecurity controls are deployed to manage risks posed by malicious behaviours or systems. What is not often considered or articulated is how cybersecurity controls may impact legitimate users (often those whose use of a managed system needs to be protected, and preserved). This characterises the ‘blunt’ nature of many cybersecurity controls. Aim. Here we present a synthesis of methods from cybercrime opportunity reduction and behaviour change. Method. We illustrate the method and principles with a range of examples and a case study focusing on online abuse and social media controls,relating in turn to issues inherent in cyberbullying and tech-abuse. Results. The framework describes a capacity to improve the precision of cybersecurity controls, identifying opportunities for risk owners to better protect legitimate users while simultaneously acting to prevent malicious activity in a managed system. Conclusions. We describe capabilities for a novel approach to managing sociotechnical cyber-risk, which can be integrated into typical risk management processes, to allow for side-by-side consideration of efforts to prevent and preserve different behaviours in a system, by examining their shared determinants.
Type: | Proceedings paper |
---|---|
Title: | Refining the Blunt Instruments of Cybersecurity: A Framework to Coordinate Prevention and Preservation of Behaviours |
Event: | 10th International Workshop on Socio-Technical Aspects in Security |
Location: | online |
Dates: | 17 September 2020 - 17 September 2020 |
Open access status: | An open access version is available from UCL Discovery |
Publisher version: | https://stast.uni.lu/?ref=infosec-conferences.com |
Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
UCL classification: | UCL UCL > Provost and Vice Provost Offices UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
URI: | https://discovery.ucl.ac.uk/id/eprint/10112991 |
Archive Staff Only
View Item |