Guests:
Julie Haney, Computer scientist and Human-Centered Cybersecurity Program Lead at National Institute of Standards and Technology [@NISTcyber]
On Linkedin | https://www.linkedin.com/in/julie-haney-037449119/
On Twitter | https://x.com/jmhaney8?s=21&t=f6qJjVoRYdIJhkm3pOngHQ
Dr. Calvin Nobles, Ph.D., Portfolio Vice President / Dean, School of Cybersecurity and Information Technology, University of Maryland Global Campus [@umdglobalcampus]
On LinkedIn | https://www.linkedin.com/in/calvinnobles/
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
___________________________
Episode Notes
In a recent episode of Human-Centered Cybersecurity Series on the Redefining CyberSecurity podcast, co-hosts Sean Martin and Julie Haney dive into the intriguing world of human-centered cybersecurity with their guest, Dr. Calvin Nobles, Dean of the School of Cyber Security and Information Technology at the University of Maryland Global Campus. The episode provided a wealth of knowledge, not only about the significance of human factors in cybersecurity but also about how organizations can better integrate these considerations into their cybersecurity strategies.
The conversation illuminated the critical role of human factors, a field born out of experimental psychology and foundational to related subfields such as human-computer interaction and usability. Dr. Nobles' insights shed light on the need for cybersecurity systems to be designed with human limitations and strengths in mind, thus optimizing user performance and reducing the risk of errors. It's a call to move from technology-centered designs to ones that place humans at their core. A significant point of discussion revolved around the common misunderstandies surrounding human factors in cybersecurity. Dr. Nobles clarified the definition of human factors, pointing out its systematic approach towards optimizing human performance. By fitting the system to the user, rather than forcing the user to adapt, cybersecurity can become more intuitive and less prone to human error.
The episode also touched on the concerning gap in current cybersecurity education and practice. Dr. Nobles and Haney highlighted the sparse incorporation of human factors into cybersecurity curricula across universities, stressing the urgency for integrated education that aligns with real-world needs. This gap points to a broader issue within organizations—the lack of focused human factors programs to address the human element comprehensively.
Practical advice was shared for organizations aspiring to incorporate human factors into their cybersecurity efforts. Identifying 'human friction areas' at work, such as fatigue, resource shortages, and a lack of prioritization, can guide initiatives to mitigate these challenges. Moreover, the suggestion to provide cybersecurity professionals with education in human factors underlines the need for a well-rounded skillset that goes beyond technical expertise.
This episode serves as a beacon for the cybersecurity community, emphasizing the necessity of integrating human factors into cybersecurity education, practice, and policies. By doing so, the field can advance towards a more effective, human-centered approach that enhances both security and user experience.
Top Questions Addressed
___________________________
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:
📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel:
📺 https://www.youtube.com/@itspmagazine
Be sure to share and subscribe!
___________________________
Resources
___________________________
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity-podcast
Are you interested in sponsoring this show with an ad placement in the podcast?
Learn More 👉 https://itspm.ag/podadplc