Skip to main content
SpringerLink
Log in

Incorporating Psychology into Cyber Security Education: A Pedagogical Approach

  • Conference paper
  • First Online:
Financial Cryptography and Data Security (FC 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12063))

Included in the following conference series:

Abstract

The role of the human in cyber security is well acknowledged. Many cyber security incidents rely upon targets performing specific behavioural actions, such as opening a link within a phishing email. Cyber adversaries themselves are driven by psychological processes such as motivation, group dynamics and social identity. Furthermore, both intentional and unintentional insider threats are associated with a range of psychological factors, including cognitive load, mental wellbeing, trust and interpersonal relations. By incorporating psychology into cyber security education, practitioners will be better equipped with the skills they need to address cyber security issues. However, there are challenges in doing so. Psychology is a broad discipline, and many theories, approaches and methods may have little practical significance to cyber security. There is a need to sift through the literature to identify what can be applied to cyber security. There are also pedagogical differences in how psychology and cyber security are taught and also psychological differences in the types of student that may typically study psychology and cyber security. To engage with cyber security students, it is important that these differences are identified and positively addressed. Essential to this endeavor is the need to discuss and collaborate across the two disciplines. In this paper, we explore these issues and discuss our experiences as psychology and cyber security academics who work across disciplines to deliver psychology education to cyber security students, practitioners and commercial clients.

Jacqui Taylor-Jackson, John McAlaney, Jeff Foster, Abubakar Bello, Alana Maurushat, John Dale, Incorporating Psychology into Cyber Security Education: A Pedagogical Approach, Proceedings of AsiaUSEC’20, Financial Cryptography and Data Security (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Dawson, J., Thomson, R.: The future cybersecurity workforce: going beyond technical skills for successful cyber performance. Front. Psychol. 9 (2018). 1664-1078. https://www.frontiersin.org/article/10.3389/fpsyg.2018.00744

  2. Kearney, W.D., Kruger, H.A.: Can perceptual differences account for enigmatic information security behaviour in an organisation? Comput. Secur. 61, 46–58 (2016)

    Article  Google Scholar 

  3. Iuga, C., Nurse, J.R.C., Erola, A.: Baiting the hook: factors impacting susceptibility to phishing attacks. Hum.-Centric Comput. Inf. Sci. 6(1), 1–20 (2016). https://doi.org/10.1186/s13673-016-0065-2

    Article  Google Scholar 

  4. Bursztein, E., et al.: Handcrafted fraud and extortion: manual account hijacking in the wild. In: Proceedings of the 2014 Conference on Internet Measurement Conference, Vancouver, BC, Canada, pp. 347–358. ACM (2014)

    Google Scholar 

  5. Johnston, A.C., Warkentin, M., Siponen, M.: An enhanced fear appeal rhetorical framework: leveraging threats to the human asset through sanctioning rhetoric. Mis Q. 39(1), 113–134 (2015)

    Article  Google Scholar 

  6. Hadnagy, C.: Social Engineering: The Act of Human Hacking. Wiley Publishing Inc., Indianapolis (2011)

    Google Scholar 

  7. Witkowski, T.: Thirty-five years of research on neuro-linguistic programming. NLP research data base. State of the art or pseudoscientific decoration? Pol. Psychol. Bull. 41(2), 58–66 (2010)

    Google Scholar 

  8. Rogers, M.K.: The psyche of cybercriminals: a psycho-social perspective. In: Anal. Ghosh, G., Turrini, E. (eds.) Cybercrimes: A Multidisciplinary Analysis, pp. 217–235. Springer, Berlin (2010). https://doi.org/10.1007/978-3-642-13547-7_14

  9. Seebruck, R.: A typology of hackers: classifying cyber malfeasance using a weighted arc circumplex model. Digit. Invest. 14, 36–45 (2015)

    Article  Google Scholar 

  10. Olson, P.: We Are Anonymous. Back Bay Books, New York (2012)

    Google Scholar 

  11. Darley, J.M.: Social organization for the production of evil. Psychol. Inq. 3(2), 199–218 (1992)

    Article  Google Scholar 

  12. Wallach, M.A., Kogan, N., Bem, D.J.: Group influence on individual risk-taking. J. Abnorm. Psychol. 65(2), 75 (1962)

    Google Scholar 

  13. Doise, W.: Groups and Individuals: Explanations in Social Psychology. Cambridge University Press, Cambridge (1978)

    Google Scholar 

  14. Sheng, S., et al.: Who falls for phish? A demographic analysis of phishing susceptibility and effectiveness of interventions. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems 2010, Atlanta, Georgia, USA, pp. 373–382. ACM (2010)

    Google Scholar 

  15. Rifon, N.J., LaRose, R., Choi, S.M.: Your privacy is sealed: effects of web privacy seals on trust and personal disclosures. J. Consum. Aff. 39(2), 339–362 (2005)

    Article  Google Scholar 

  16. Power, A., Kirwan, G.: Cyberpsychology and New Media: A Thematic Reader. Psychology Press, New York (2014)

    Google Scholar 

  17. Utz, S., Kramer, N.: The privacy paradox on social network sites revisited: The role of individual characteristics and group norms. Cyberpsychol.: J. Psychosoc. Res. Cyberspace 3(2) (2009)

    Google Scholar 

  18. Schmidt, M.B., Arnett, K.P.: Spyware: a little knowledge is a wonderful thing. Commun. ACM 48(8), 67–70 (2005)

    Article  Google Scholar 

  19. Schneier, B.: The Psychology of Security. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 50–79. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68164-9_5

    Chapter  Google Scholar 

  20. Kahneman, D.: Thinking Fast and Slow, 1st edn. 499 pp. Penguin, Westminster (2011)

    Google Scholar 

  21. Venkatesh, V., et al.: User acceptance of information technology: toward a unified view. Mis Q. 27(3), 425–478 (2003)

    Article  Google Scholar 

  22. Band, S.R., et al. Comparing insider it sabotage and espionage: a model-based analysis. Software Engineer Institute, Carnegie Mellon (2006)

    Google Scholar 

  23. Radford, J., Holdstock, L.: Gender differences in higher education aims between computing and psychology students. Res. Sci. Technol. Educ. 13(2), 163–176 (1995)

    Article  Google Scholar 

  24. Taylor, J.: Teaching psychology to computing students. Psychol. Teach. Rev. 14(1), 21–29 (2008)

    Google Scholar 

  25. Gibbs, J.C.: Moral Development and Reality: Beyond the Theories of Kohlberg and Hoffman. SAGE Publications, Newcastle upon Tyne (2003)

    Google Scholar 

  26. Making things hard on yourself, but in a good way: creating desirable difficulties to enhance learning. In: Psychology and the Real World. Essays Illustrating Fundamental Contributions to Society, no. 2, pp. 59–68 (2011)

    Google Scholar 

  27. Linn, M.C., Chang, H.-Y., Chiu, J.L., Zhang, Z.H., McElhaney, K.: Can desirable difficulties overcome deceptive clarity in scientific visualizations? In: Benjamin, A.S. (ed.) Successful Remembering and Successful Forgetting: A Festschrift in honor of Robert A. Bjork (pp. 235–258). Taylor & Francis (2011). https://doi.org/10.4324/9780203842539

  28. Bandura, A.: Social cognitive theory. In: Ewen, R.B. (ed.) An Introduction to the Theories of Personality, pp. 365–386. Lawrence Erlbraun Associates, Mahwa (2003)

    Google Scholar 

  29. Steptoe, A., Wardle, J.: Locus of control and health behaviour revisited: a multivariate analysis of young adults from 18 countries. Br. J. Psychol. 92(Pt 4), 659–672 (2001)

    Article  Google Scholar 

  30. Maurushat, A.: Ethical Hacking. University of Ottawa Press, Ottawa (2019)

    Google Scholar 

  31. Maurushat, A., Bello, A., Bragg, B.: Artificial intelligence enabled cyber fraud: a detailed look into payment diversion fraud and ransomware. Indian J. Law Technol. 15(2) (2019)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Psychology, WSU, Sydney, NSW, Australia

    Jacqui Taylor-Jackson & Jeffrey L. Foster

  2. Department of Psychology, Faculty of Science and Technology, Bournemouth University, Poole, Dorset, UK

    John McAlaney

  3. School of Social Sciences, WSU, Sydney, NSW, Australia

    Abubakar Bello & Alana Maurushat

  4. LiMETOOLS Ltd., Bournemouth, UK

    John Dale

Authors
  1. Jacqui Taylor-Jackson
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. John McAlaney
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jeffrey L. Foster
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Abubakar Bello
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Alana Maurushat
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. John Dale
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jacqui Taylor-Jackson .

Editor information

Editors and Affiliations

  1. University of Michigan–Ann Arbor, Ann Arbor, USA

    Matthew Bernhard

  2. Computing Science and Mathematics, University of Stirling, Stirling, UK

    Andrea Bracciali

  3. Computer Science Department, Indiana University, Bloomington, USA

    L. Jean Camp

  4. Department of Computer Science, Georgetown University, Washington, WA, USA

    Shin'ichiro Matsuo

  5. Western Sydney University, Parramatta, Australia

    Alana Maurushat

  6. Maison du Nombre, University of Luxembourg, Esch-sur-Alzette, Luxembourg

    Peter B. Rønne

  7. Dipartimento di Matematica, University of Trento, Trento, Trento, Italy

    Massimiliano Sala

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Taylor-Jackson, J., McAlaney, J., Foster, J.L., Bello, A., Maurushat, A., Dale, J. (2020). Incorporating Psychology into Cyber Security Education: A Pedagogical Approach. In: Bernhard, M., et al. Financial Cryptography and Data Security. FC 2020. Lecture Notes in Computer Science(), vol 12063. Springer, Cham. https://doi.org/10.1007/978-3-030-54455-3_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-54455-3_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-54454-6

  • Online ISBN: 978-3-030-54455-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation