Dr Maria Bada

Lecturer

Cybersecurity awareness and training

A look at past practises and future needs

Biography

Maria Bada is a Lecturer at Queen Mary University in London. Maria is a behavioural scientist, and her work focuses on the human aspects of cybersecurity and cybercrime. Her research looks at the effectiveness of cybersecurity awareness campaigns trying to identify factors which potentially lead to failure of these in changing the information security behaviour of consumers and employees.

She has collaborated with government, law enforcement and private sector organisations to assess national level cybersecurity capacity and develop interventions to enhance resilience. She has also supported National Cyber Security Strategy development for the UK and governments in Europe, Africa, Asia and Latin America. She is a member of the National Risk Assessment (NRA) Behavioural Science Expert Group in the UK, working on the social and psychological impact of cyber-attacks on members of the public.

Presentation overview

Past and current efforts to improve cybersecurity practices have not had the desired impact, with companies not necessarily focusing on changing employee behaviour, but rather on simple transfer of knowledge about good practices in security. Cases of cybersecurity information fatigue and malicious compliance often lead to unsuccessful cybersecurity awareness programmes and consequently to an increasing number of cyber-attacks caused by a human component, such as ransomware attacks. It is important therefore to critically reflect on the challenges involved in improving cybersecurity behaviours. This presentation will discuss current best practice in this field and reflect on research findings and new human centric approaches such as user behaviour analytics, used to develop more focused and relevant training programs.