5 research outputs found

    Harnessing Human Potential for Security Analytics

    Humans are often considered the weakest link in cybersecurity. As a result, their potential has been continuously neglected. However, in recent years there is a contrasting development recognizing that humans can benefit the area of security analytics, especially in the case of security incidents that leave no technical traces. Therefore, the demand becomes apparent to see humans not only as a problem but also as part of the solution. In line with this shift in the perception of humans, the present dissertation pursues the research vision to evolve from a human-as-a-problem to a human-as-a-solution view in cybersecurity. A step in this direction is taken by exploring the research question of how humans can be integrated into security analytics to contribute to the improvement of the overall security posture. In addition to laying foundations in the field of security analytics, this question is approached from two directions. On the one hand, an approach in the context of the human-as-a-security-sensor paradigm is developed which harnesses the potential of security novices to detect security incidents while maintaining high data quality of human-provided information. On the other hand, contributions are made to better leverage the potential of security experts within a SOC. Besides elaborating the current state in research, a tool for determining the target state of a SOC in the form of a maturity model is developed. Based on this, the integration of security experts was improved by the innovative application of digital twins within SOCs. Accordingly, a framework is created that improves manual security analyses by simulating attacks within a digital twin. Furthermore, a cyber range was created, which offers a realistic training environment for security experts based on this digital twin.

    The employee experience in cybersecurity and how to mitigate risk

    With society now heavily invested in computer systems and internet connectivity, it has never been more vital to identify ways to safeguard cyberspace (Asquith & Morgan, 2019). In 2021, over 23,896 cyber security incidents were reported to have taken place across the globe, with a data breach confirmed in over 5,212 of these incidents (Verizon, 2022). Despite many organisations now applying time and budget to cybersecurity awareness training, 82% of security breaches are still found to involve a human element (Verizon, 2022). The aim of this PhD was to better understand the human experience in cybersecurity, internal individual differences that can result in decision-making vulnerabilities, but also the impact of additional external pressures such as offender persuasion attempting to leverage on human susceptibility, to the impact of persuasive interventions generated to promote secure behaviour. The result – a Cybersecurity Awareness Framework (CAF) that can guide organisations on how to better measure and manage human-centric cybersecurity moving forward. In addition, an improved understanding around the persuasion techniques most likely to increase human vulnerability, as well as findings around the impact of several interventions currently being utilised to persuade end-users to behave in ways that counter that vulnerability. Together, these outputs provide a more holistic understanding around the employee experience in cybersecurity, the challenges they face, and recommendations for future intervention.

    From Cyber Security Activities to Collaborative Virtual Environments Practices through the 3D CyberCOP Platform

    Although collaborative practices between cyber organizations are well documented, managing activities within these organizations is still challenging as cyber operators' tasks are very demanding and usually done individually. As human factors studies in cyber environments are still difficult to perform, tools and collaborative practices are evolving slowly and training is always required to increase teamwork efficiency. Contrary to other research fields, cyber security is not yet harnessing the capabilities of Collaborative Virtual Environments (CVE), which can be used both for immersive and interactive data visualization and serious gaming for training. In order to tackle cyber security teamwork issues, we propose a 3D CVE called the 3D Cyber Common Operational Picture, which aims at taking advantage of CVE practices to enhance cyber collaborative activities. Based on four Security Operations Centers (SOCs) visits we have made in different organizations, we have designed a cyber collaborative activity model which has been used as a reference to design our 3D CyberCOP platform features, such as asymmetrical collaboration, mutual awareness and roles specialization. Our approach can be adapted to several use cases, and we are currently developing a cyber incident analysis scenario based on an event-driven architecture, as a proof of concept.