Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Human-Centered Cybersecurity

User Perceptions & Behaviors

Understanding user perceptions and behavior is critical to achieving security objectives. People are repeatedly bombarded with messages about the dangers lurking on the Internet and are encouraged (or forced) to take numerous security-related actions, often without a clear understanding of why and to what end.

We conduct research to discover people’s security and privacy perceptions, attitudes, and behaviors with a goal of developing cybersecurity guidance that: 1) takes into account user needs, biases, and limitations and 2) helps people make sound security decisions. Recent projects include exploring the challenges and perceptions of "data guardians" (professionals tasked with protecting other people's personal data in their daily work) and how the general public understands commonly-used cybersecurity terminology.

 

Publications


Papers

Data Guardians: Behaviors and Challenges While Caring for Others' Personal Data paper icon - Julie Haney, Sandra Spickard Prettyman, Mary Theofanos, & Susanne Furman. 5th International Conference on HCI for Cybersecurity, Privacy and Trust affiliated conference at HCI International (2023).

Pandemic Parallels: What Can Cybersecurity Learn From COVID-19? report icon - Steven Furnell, Julie Haney, & Mary Theofanos. IEEE Computer (2021)

Be Prepared: How US Government Experts Think About Cybersecurity paper icon - Mary F. Theofanos, Brian C. Stanton, Sandra S. Prettyman, Susanne M. Furman, & Simson L. Garfinkel. Proceedings of the Workshop on Usable Security (USEC) at the Network and Distributed Systems Security (NDSS) Symposium (2017)

Security Fatigue paper icon - Brian C. Stanton, Sandra S. Prettyman, Mary F. Theofanos, & Susanne M. Furman. IT Professional (2016)

The Power of Qualitative Methods: Aha Moments in Exploring Cybersecurity and Trust paper icon  - Brian C. Stanton, Mary F. Theofanos, Susanne M. Furman, & Sandra S. Prettyman. User Experience Magazine (2016)

Privacy and Security in the Brave New World: The Use of Multiple Mental Models paper icon  - Susanne M. Furman, Mary F. Theofanos, Brian C. Stanton, & Sandra S. Prettyman. Proceedings of HCI International (2015)

Basing Cybersecurity Training on User Perceptions paper icon  - Susanne M. Furman, Mary Frances Theofanos, Yee-Yin Choong, & Brian Stanton. IEEE Security & Privacy (2012)

Videos

Cybersecurity Fatigue video icon (2016)

Papers

Cybersecurity Definitions for Non-Experts (Poster Abstract) poster icon - Lorenzo Neil, Julie Haney, Kerrianne Buchanan, & Charlotte Healy. Poster session at Symposium on Usable Privacy and Security (SOUPS) (2023).

Analyzing Cybersecurity Definitions for Non-experts paper icon - Lorenzo Neil, Julie Haney, Kerrianne Buchanan, & Charlotte Healy. 17th International Symposium on Human Aspects of Information Security & Assurance (2023).

 

Created November 17, 2016, Updated March 26, 2024