UCL News


Security study led by UCL

1 March 2007

A team of globally renowned security and human behaviour experts, chaired by Professor Angela Sasse (UCL Computer Science), has been given a contract to study human vulnerabilities in security systems, awarded by the UK Government-funded Cyber Security Knowledge Transfer Network (KTN).


The study reflects concern that more needs to be done to help organisations and individual users of cyberspace to protect themselves and the UK's critical infrastructure from the increase in cyber-attacks and organised e-crime. Criminals and hackers frequently dupe users into releasing sensitive and valuable information, or by introducing viruses onto their computers and associated networks, often employing sophisticated social engineering techniques to exploit these human weaknesses.

Professor Sasse's team - made up of industry security experts and academics - will outline best practice and make recommendations as to how the IT industry can encourage computer users to behave in a far more secure manner when surfing the internet and doing business in cyberspace. These recommendations will take the form of a white paper that will be published in the spring and made publicly available, to ensure that the study benefits the widest possible audience.

Professor Sasse said: "By drawing on expertise from the social sciences as well as the security domain, we have broadened the knowledge base from which we will deliver a meaningful and useful study. The IT security community has given only patchy consideration to the human factor in security, and I welcome the opportunity to help improve our collective understanding of this critical area and translate it into practical advice for companies and individual users. This exercise will also help us to identify key problems where further research is needed, and set up collaborative efforts between academics and industry to address them."

Angela Sasse is Professor of Human-Centred Technology at UCL Computer Science, where her research is concerned with the interaction between people and communication technologies. The Cyber Security KTN, funded by the Department for Trade and Industry and managed and directed by QinetiQ, was established in 2006 to tackle some of the universal digital security challenges facing the UK by drawing together the country's best industrial, academic and government digital security expertise.

To find out more about Professor Sasse's research, use the link at the bottom of this article.