Computer Laboratory

Can we make people value IT security?

The sixth annual Wheeler lecture was given at the Computer Laboratory on Wednesday 24th May, 2017. The speaker was M. Angela Sasse who spoke on some of the usability considerations in designing security mechanisms.

Abstract

In many organisations today, IT security is a battleground: to manage the risks the organisation faces, security specialists devise policies and deploy security mechanisms that they expect staff and customers to comply with. But most of time, staff and customers don’t comply, and attempts to change that by “raising awareness” and “educating” them generally fail. The talk will use the examples of security warnings, access control, and sandboxing to explain the different perspectives and values that security specialists and ‘the rest of us’ apply to security. In conclusion, I will argue that a value-centred design approach is the only way to develop security solutions people want to use.

M. Angela Sasse is the Professor of Human-Centred Technology in the Department of Computer Science at University College London. She obtained an M.Sc. in Occupational Psychology from the University of Sheffield and a Ph.D. in Computer Science from the University of Birmingham. She joined UCL as a lecturer in 1990. Since the mid-90s, her research has focussed on establishing the human-centred perspective on security, privacy, identity and trust. She has pioneered research on how IT security affects individual and organisational productivity, working with a number of major UK companies, and government agencies in the UK, US and Germany. She is currently the Director of the UK Research Institute in Science of Cyber Security, and was elected a Fellow of the Royal Academy of Engineering in 2015.

Programme

The programme for the day was as follows:

  • 15:45 Afternoon tea.
  • 16:15 Wheeler lecture.
  • 17:30 Drinks reception.