Ross Anderson

Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I cant remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and...

Hacking the Human Mind: Exploiting Vulnerabilities in the 'First Line of Cyber Defense'

Humans are complex beings with consciousness, emotions, and the capacity to act based on thoughts. In the ever-evolving realm of cybersecurity, humans consistently remain primary targets for attackers. Over the years, these attackers have developed their expertise in exploiting various human...

Back to Basics: Cybersecurity's Weakest Link

A big promise with a big appeal. You hear that a lot in the world of cybersecurity, where you're often promised a fast, simple fix that will take care of all your cybersecurity needs, solving your security challenges in one go. It could be an AI-based tool, a new superior management tool, or...

Security and Human Behavior (SHB) 2022

Today is the second day of the fifteenth Workshop on Security and Human Behavior, hosted by Ross Anderson and Alice Hutchings at the University of Cambridge. After two years of having this conference remotely on Zoom, its nice to be back together in person. SHB is a small, annual, invitational...

Microsoft CRSP shares the ways human behavior affects compromise recovery

The Microsoft Compromise Recover Security Practice CRSP is a worldwide team of cybersecurity experts operating in most countries, across all organizations public and private, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the first place. As ...

Microsoft CRSP shares the ways human behavior affects compromise recovery

The Microsoft Compromise Recover Security Practice CRSP is a worldwide team of cybersecurity experts operating in most countries, across all organizations public and private, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the first place. As ...

Security and Human Behavior (SHB) 2021

Today is the second day of the fourteenth Workshop on Security and Human Behavior. The University of Cambridge is the host, but were all on Zoom. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security, organized each year by Alessandro...

Visualize and Analyze Bots with Real User Monitoring

You interact with more than just customers on your website. Bots make up a disproportionate amount of traffic, which can skew human behavior analysis data -- and cause you to make the wrong business decisions. In fact, one Akamai customer with 30% of total traffic from bots noticed a huge gap in...

Visualize and Analyze Bots with Real User Monitoring

You interact with more than just customers on your website. Bots make up a disproportionate amount of traffic, which can skew human behavior analysis data -- and cause you to make the wrong business decisions...

Taking Action This Earth Month

There's a fascinating human phenomenon often studied in the behavioral science field called the intention-action gap...

Security and Human Behavior (SHB) 2020

Today is the second day of the thirteenth Workshop on Security and Human Behavior. It's being hosted by the University of Cambridge, which in today's world means we're all meeting on Zoom. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of...

Troy Hunt: 'Messy' Password Problem Isn't Getting Better

LONDON, UK – The security world is facing a major issue that has led to widespread breaches, data exposure, and more – and it all stems from millions of insecure passwords used for everything from enterprise PCs to internet of things IoT devices. Poor password hygiene – including reusing password...

Security and Human Behavior (SHB) 2019

Today is the second day of the twelfth Workshop on Security and Human Behavior, which I am hosting at Harvard University. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security, organized each year by Alessandro Acquisti, Ross Anderson, and...

Employee education strategies that work to change behavior

When people make the decision to get in shape, they have to commit the time and energy to do so. Going to the gym once isn’t going to cut it. The same is true when it comes to changing the culture of an organization. In order to be effective in changing employee behavior, training needs to be...

Security and Human Behavior (SHB 2018)

I'm at Carnegie Mellon University, at the eleventh Workshop on Security and Human Behavior. SHB is a small invitational gathering of people studying various aspects of the human side of security, organized each year by Alessandro Acquisti, Ross Anderson, and myself. The 50 or so people in the roo...

Security and Human Behavior (SHB 2017)

I'm in Cambridge University, at the tenth Workshop on Security and Human Behavior. SHB is a small invitational gathering of people studying various aspects of the human side of security, organized each year by Ross Anderson, Alessandro Acquisti, and myself. The 50 or so people in the room include...

The use of passwords in a technological evolution

Every day we read about an incredible number of successful attacks and data breaches that exploited leak of authentication mechanisms practically in every sector. Often also critical control system are exposed on line protected only by a weak password, in many cases the default one of factory...

The use of passwords in a technological evolution

Every day we read about an incredible number of successful attacks and data breaches that exploited leak of authentication mechanisms practically in every sector. Often also critical control system are exposed on line protected only by a weak password, in many cases the default one of factory...

Some Advice for Howard Schmidt

It’s been little more than 24 hours since President Obama named Howard Schmidt his White House Cybersecurity Coordinator, but it didn’t take nearly that long for just about everyone with any interest in security to line up on one side or the other of the “he has no chance/he’ll save the Internet”...