University of Birmingham > Talks@bham > Computer Science Departmental Series > The Psychology of Security

The Psychology of Security


If you have a question about this talk, please contact Christine Zarges.

Host: Shishir Nagaraja - ROOM CHANGE

A fascinating dialogue is developing between psychologists and security engineers. At the macro scale, societal overreactions to terrorism are founded on the misperception of risk and uncertainty, which has deep psychological roots. At the micro scale, more and more crimes involve deception; as security engineering gets better, it’s easier to mislead people than to hack computers or hack through walls. Many frauds can be explained in terms of the heuristics and biases that we have retained from our ancestral evolutionary environment.

At an even deeper level, the psychology of security touches on fundamental scientific and philosophical problems. The ‘Machiavellian Brain’ hypothesis states that we evolved high intelligence not to make better tools, but to use other monkeys better as tools: primates who were better at deception, or at detecting deception in others, left more descendants. Yet the move online is changing the parameters of deception, and robbing us of many of the signals we use to make trust judgments in the “real” world; it’s a lot easier to copy a bank website than it is to copy a bank. Many systems fail because the security usability has not been thought through: the designers have different mental models of threats and protection mechanisms from users. And misperceptions cause security markets to fail: many users buy snake oil, while others distrust quite serviceable mechanisms.

Security is both a feeling and a reality, and they’re different. The gap gets ever wider, and ever more important. In this talk I will describe the rapidly-growing field of security psychology which is bringing together security engineers not just with psychologists but with behavioural economists, anthropologists and even philosophers to develop new approaches to risk, fraud and deception in the complex socio-technical systems on which we are all coming to rely.

This talk is part of the Computer Science Departmental Series series.
