Phishing continues to be an escalating cyber threat facing organizations of all types and sizes, including industry, academia, and government.
Our team performs research to understand phishing within an operational (real-world) context by examining user behaviors during phishing awareness training exercises. Our efforts have provided insights into users’ rationale and role in early detection, and how these might be scaffolded with technological solutions.
Current/recent research projects:
Past research projects:
Security and Privacy: authentication, behavior, general security & privacy, privacy, security programs & operations, usability
Technologies: email
Applications: cybersecurity education, cybersecurity workforce, Internet of Things