Presented by by Prof Gaëlle Vallée-Tourangeau
By 2015, roughly half the world population had access to the internet. The exponential expansion of cyberspace and the internet of things comes with unprecedented levels of globalisation, interactions, and “big” databases. Humans are more and more embedded in a meshwork of data and computers. It also raises uncharted security challenges. This talk will focus on cyber security risks towards information including threats to the confidentiality, availability, or integrity of information. While such threats may arise from technology failures or natural disasters, more often than not, they originate in human behaviour. People’s actions (or inactions) may be intention- al or accidental, planned or automatic, malevolent or pragmatic. To gain in- sight in those behaviours, we need to better understand how people think and make decisions in cyber environments. To this aim, I will argue that we need to go beyond the classical information-processing view of the human mind as a computer. I will introduce the systemic thinking model (SysTM), which conceives human thoughts and decisions as emerging from people’s interactions with their immediate environment in a system characterised by environmental affordances (i.e., action possibilities) and human motives and capabilities. I will conclude by providing examples of how SysTM could be leveraged to better understand the human element in cyber systems and mitigate against cyber security risks caused by human behaviour.