Cyber Security Seminar: Approaching the Measurement of User Security Behaviour in Organisations

Our final Interdisciplinary Cyber Security Seminar this semester will take place on Tuesday, 10th December at 5pm. The seminar will take place in EB202 in the Executive Business Centre, and will be free and open to all. If you would like to attend, please register at

Our speaker will be Dr. Simon Parkin from UCL. Simon is a Senior Research Associate in the Information Security group at University College London, contributing to the Productive Security project within the Research Institute in the Science of Cyber Security (RISCS). He was previously a member of the Innovation Team at Hewlett Packard Enterprise Security Services (HP ESS) until mid-2012. From 2007 to 2011, Simon was a Postdoctoral Research Associate in the School of Computing Science at Newcastle University, where he also obtained his PhD. His research interests include: IT-security policy management metrics, models and tools; holistic IT-security management principles, and; IT-security risk management approaches and knowledge formalisation.

Abstract: Individuals working within organisations must complete their tasks, and are often expected to do so using secured IT systems. There can be times when the expectations for productivity and security are in competition, and so how would an organisation measure the outcomes in practice? We will review a series of interdisciplinary research efforts that characterise the human factor in IT-security within large organisations, as part of a holistic view of security. There are furthermore a variety of modelling approaches and frameworks that have emerged and informed this view. We will consider the challenges that remain in affording measurement of the human factor in IT-security within organisations, and some of the changes that are required for such activities to be sustainable and effective.