16:15 - 18:00
The role of the human for security and privacy is highly relevant, e.g., when it comes to secure authentication, communication, or the detection of phishing e-mails. As such, the human is an important element in today’s security-critical systems. Yet, humans have often been considered a weak link as it is finally them who create weak passwords or click on phishing links. Measures to prevent these insecure behaviours include automation, training or the creation of policies. But why do users behave insecurely in the first place? And how can we change that? This talk aims to shine light on the psychological aspects of IT security and privacy that help to understand human security behaviour and provide examples from different application areas. Furthermore, it will outline a mindset that suggests viewing the human as a potential solution with regard to security and privacy rather than only viewing the human as a weak link to be dealt with.
Verena Zimmermann is Assistant Professor (Tenure Track) for Security, Privacy and Society at ETH Zürich. Her research interests comprise the Human Aspects of Safety, IT Security and Privacy. After her studies in psychology, she has completed her dissertation in the interdisciplinary research area of Usable Security at TU Darmstadt in Germany. Within the research group Work and Engineering Psychology and ATHENE, the German National Center for Applied Cybersecurity, she worked on several security- related research projects. Her dissertation with the title «From the Quest to Replace Passwords towards Supporting Secure and Usable Password Creation” received dissertation awards by the German Association for Data Protection and Data Security e.V. (GDD) and the Ernst- Ludwigs-Hochschulgesellschaft.
Event series: Computer Science Insights @HSG - School of Computer Science