U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Projects Human-Centered Cybersecurity Research Areas

Human-Centered Cybersecurity

User Perceptions & Behaviors

Understanding user perceptions and behavior is critical to achieving security objectives. People are repeatedly bombarded with messages about the dangers lurking on the Internet and are encouraged (or forced) to take numerous security-related actions, often without a clear understanding of why and to what end.

We conduct research to discover people’s security and privacy perceptions, attitudes, and behaviors with a goal of developing cybersecurity guidance that: 1) takes into account user needs, biases, and limitations and 2) helps people make sound security decisions. Recent projects include exploring the challenges and perceptions of "data guardians" (professionals tasked with protecting other people's personal data in their daily work) and how the general public understands commonly-used cybersecurity terminology.

 

Publications

Papers

Data Guardians: Behaviors and Challenges While Caring for Others' Personal Data paper icon - Julie Haney, Sandra Spickard Prettyman, Mary Theofanos, & Susanne Furman. 5th International Conference on HCI for Cybersecurity, Privacy and Trust affiliated conference at HCI International (2023).

Pandemic Parallels: What Can Cybersecurity Learn From COVID-19? report icon - Steven Furnell, Julie Haney, & Mary Theofanos. IEEE Computer (2021)

Be Prepared: How US Government Experts Think About Cybersecurity paper icon - Mary F. Theofanos, Brian C. Stanton, Sandra S. Prettyman, Susanne M. Furman, & Simson L. Garfinkel. Proceedings of the Workshop on Usable Security (USEC) at the Network and Distributed Systems Security (NDSS) Symposium (2017)

Security Fatigue paper icon - Brian C. Stanton, Sandra S. Prettyman, Mary F. Theofanos, & Susanne M. Furman. IT Professional (2016)

The Power of Qualitative Methods: Aha Moments in Exploring Cybersecurity and Trust paper icon  - Brian C. Stanton, Mary F. Theofanos, Susanne M. Furman, & Sandra S. Prettyman. User Experience Magazine (2016)

Privacy and Security in the Brave New World: The Use of Multiple Mental Models paper icon  - Susanne M. Furman, Mary F. Theofanos, Brian C. Stanton, & Sandra S. Prettyman. Proceedings of HCI International (2015)

Basing Cybersecurity Training on User Perceptions paper icon  - Susanne M. Furman, Mary Frances Theofanos, Yee-Yin Choong, & Brian Stanton. IEEE Security & Privacy (2012)

Videos

Cybersecurity Fatigue video icon (2016)

Papers

Cybersecurity Definitions for Non-Experts (Poster Abstract) poster icon - Lorenzo Neil, Julie Haney, Kerrianne Buchanan, & Charlotte Healy. Poster session at Symposium on Usable Privacy and Security (SOUPS) (2023).

Analyzing Cybersecurity Definitions for Non-experts paper icon - Lorenzo Neil, Julie Haney, Kerrianne Buchanan, & Charlotte Healy. 17th International Symposium on Human Aspects of Information Security & Assurance (2023).

 

Contacts

NIST Human-Centered Cybersecurity
human-cybersec@nist.gov

Julie Haney
julie.haney@nist.gov

Created November 17, 2016, Updated November 16, 2023