Article
Dr Zoe Marchment, Professor Paul Gill
Evaluating the Channel Programme’s Vulnerability Assessment Framework
Article
|
4 min read
Article
Mapping a new biometrics landscape
Article
|
4 min read
Report
Joel Busher, Gareth Harris, Julia Ebner, Zsófia Hacsek, Graham Macklin
The Dynamics Of Violence Escalation And Inhibition During 'Hot Periods' Of Anti-Minority And Far-Right Activism
Report
|
10 min read
Article
Ben Marshall
Putting the Behaviour into Behavioural Analytics
Article
|
4 min read
Report
Erika Brady, Sarah Marsden
Women and Preventing and Countering Violent Extremism Interventions
Report
|
5 min read
Article
Emily Collins, Phillip Morgan, Dylan Jones
If This Then…What? Security And Privacy In Trigger-Action Systems
Article
|
3 min read
Article
David McIlhatton, Rachel Monaghan
Protecting Publicly Accessible Locations From Terrorism
Article
|
5 min read
Report
Emma Slade, Emma Williams, Duncan Hodges, Phillip Morgan, Dylan Jones, Bill Macken, Emily Collins, Tasos Spiliotopoulos
Individual Differences in the Adoption, Secure Use, and Exploitation of Smart Home Technology
Report
|
4 min read
Article
Emma Williams, Emma Slade
What Influences Consumer Adoption and Secure Use of Smart Home Technology?
Article
|
3 min read
Article
Duncan Hodges
Mapping Smart Home Vulnerabilities to Cyber-Enabled Crime
Article
|
3 min read
Report
James Lewis, Sarah Marsden
Terrorism-Related Simulations
Report
|
3 min read
Report
Simon Copeland, Sarah Marsden
Behavioural-Focused Protective Security Programmes
Report
|
2 min read
Report
Nick Neave, Pam Briggs, Liz Sillence, Kerry McKellar
Cybersecurity risks of digital hoarding behaviours
Report
|
1 min read
Policy brief
John Blythe
Phishing your staff: A double-edged sword?
Policy brief
|
5 min read
Article
Nick Neave
The Risks of Digital Hoarding
Article
|
3 min read
Article
Emma Boakes
How Do Security Teams Collaborate To Understand Threats to Their Building Management Systems?
Article
|
4 min read
Article
Olivia Brown
Teamwork in Extreme Environments: Identifying Challenges and Generating Solutions
Article
|
4 min read
Guide
Charis Rice, Rosalind Searle
Animation: Positively Influencing Individuals During Organisational Change
Guide
|
1 min read
Article
Jason Nurse
Cyber Resilience: What Is It and How Do We Get It?
Article
|
5 min read
Article
Robert Cialdini, Steve Martin
The Power of Persuasion and Pre-Suasion to Produce Change
Article
|
5 min read
Article
Rosalind Searle, Charis Rice
Positively Influencing Individuals During Organisational Change
Article
|
15 min read
Article
Simon Henderson
The Trade Of The Tricks: How Principles Of Magic Can Contribute To National Security
Article
|
5 min read
Article
Rosalind Searle, Charis Rice
How Messing with Employee Pensions Can Backfire on Companies
Article
|
4 min read
Guide
Rosalind Searle, Charis Rice
A Manager's Guide to Organisational Change
Guide
|
2 min read
Guide
Rosalind Searle, Charis Rice
Managing Organisational Change: Practitioner Toolkit
Guide
|
1 min read
Report
Rosalind Searle, Charis Rice
Managing Organisational Change
Report
|
2 min read
Guide
Rosalind Searle, Charis Rice
Managing Organisational Change: Organisational Culture Toolkit
Guide
|
1 min read
Guide
Rosalind Searle, Charis Rice
Managing Organisational Change: Individuals Toolkit
Guide
|
1 min read
Guide
Rosalind Searle, Charis Rice
Managing Organisational Change: Leaders Toolkit
Guide
|
1 min read
Guide
Rosalind Searle, Charis Rice
Managing Organisational Change: Team Relations Toolkit
Guide
|
1 min read
Guide
Rosalind Searle, Charis Rice
Managing Organisational Change: Video Introduction
Guide
|
1 min read
Guide
Rosalind Searle, Charis Rice
Managing Organisational Change: Using the CWB Toolkits
Guide
|
1 min read
Article
Samantha Mann
How does a smuggler behave?
Article
|
4 min read
Article
Jan-Willem Bullée
Social Engineering: From Thoughts to Awareness
Article
|
3 min read
Article
Rosalind Searle, Charis Rice
Trust and Insider Threat: Ensuring We Don’t Look Back – or Forward – in Anger
Article
|
3 min read
Article
Using Networks to Predict the Impact of ‘Bad Apples’ on Team Performance
Article
|
3 min read
Article
Dorothy Carter, Cynthia Maupin
Leadership Is a Social Network: Implications for Security
Article
|
4 min read
Article
Christos Ellinas
Predicting and Preparing for the Failure of Complex Systems
Article
|
4 min read
Article
Charis Rice, Rosalind Searle
Trust and Citizenship: The Insider Threat
Article
|
3 min read
Article
Paul Taylor
7 Things Worth Knowing About Groups
Article
|
4 min read
Article
Emma Williams
What Makes People Susceptible to Malevolent Influence Online?
Article
|
3 min read
Article
Emma Williams, Debi Ashenden
Phishing Scams Are Becoming Ever More Sophisticated And Firms Are Struggling To Keep Up
Article
|
4 min read
Article
Debi Ashenden
Employees Behaving Badly
Article
|
4 min read
Article
René Rydhof Hansen, Lizzie Coles-Kemp
Everyday Security: A Manifesto for New Approaches to Security Modelling
Article
|
3 min read
Article
Jeremy Watson, Emil Lupu
PETRAS: Cyber Security of the Internet of Things
Article
|
3 min read
Article
Debi Ashenden
Creativity and Cyber Security
Article
|
2 min read
Article
Sheryl Prentice
How Technology Could Help Predict Terrorist Attacks
Article
|
3 min read
Article
Joanne Hinds
How Does Phishing Work?
Article
|
3 min read
Guide
Adam Joinson, Joanne Hinds
2017 Messaging Applications
Guide
|
2 min read
Article
Debi Ashenden
Your Employees: The Front Line in Cyber Security
Article
|
10 min read
Article
Debi Ashenden
TalkTalk Data Breach Is a Wake Up Call for CEOs
Article
|
3 min read
Bystander reporting to prevent violent extremism and targeted violence: learning from practitioners

The willingness of friends or family to share concerns about an ‘intimate’ preparing to perpetrate public, mass violence, such as violent extremism or targeted violence, is considered a possible part of preventative strategies. To understand what is needed to help intimate bystanders share information on potential acts of violent extremism or targeted violence, we conducted 25 semi-structured qualitative interviews with experts in intimate bystander reporting, including law enforcement, social service and mental health providers, faith-based leaders, staff in school threat assessment programs, and community practitioners in California and Illinois. Results showed reporting was impeded by multiple factors, including lack of knowledge about violent extremism and reporting processes, fear of being incorrect, difficulty distinguishing between violent extremism and mental illness, low trust in law enforcement, and lack of standardized reporting processes. Practitioners said reporting could be improved by several interventions, including increasing awareness about reporting processes, improving reporting methods and policies, training community members who can take reports, and increasing trust between community members and law enforcement. Improving bystander reporting for targeted violence and violent extremism in the U.S. requires collaboratively strengthening law enforcement and community capacities based on sound theory, best practices, and monitoring and evaluation.

(From the journal abstract)


David P. Eisenman, Stevan Weine, Nilpa D. Shah, Nicole V. Jones, Chloe Polutnik Smith, Paul Thomas & Michele Grossman (2022): Bystander reporting to prevent violent extremism and targeted violence: learning from practitioners, Behavioral Sciences of Terrorism and Political Aggression, DOI: 10.1080/19434472.2022.2130960

https://www.tandfonline.com/doi/full/10.1080/19434472.2022.2130960
CLICKA: Collecting and leveraging identity cues with keystroke dynamics

The way in which IT systems are usually secured is through the use of username and password pairs. However, these credentials are all too easily lost, stolen or compromised. The use of behavioural biometrics can be used to supplement these credentials to provide a greater level of assurance in the identity of an authenticated user. However, user behaviours can also be used to ascertain other identifiable information about an individual. In this paper we build upon the notion of keystroke dynamics (the analysis of typing behaviours) to infer an anonymous user’s name and predict their native language. This work found that there is a discernible difference in the ranking of bigrams (based on their timing) contained within the name of a user and those that are not. As a result we propose that individuals will reliably type information they are familiar with in a discernibly different way. In our study we found that it should be possible to identify approximately a third of the bigrams forming an anonymous users name purely from how (not what) they type.

https://doi.org/10.1016/j.cose.2022.102780
The Enabling Role of Internal Organizational Communication in Insider Threat Activity – Evidence From a High Security Organization

This paper explores the role of internal communication in one under-researched form of organizational crisis, insider threat – threat to an organization, its people or resources, from those who have legitimate access. In this case study, we examine a high security organization, drawing from in-depth interviews with management and employees concerning the organizational context and a real-life incident of insider threat. We identify the importance of three communication flows (top-down, bottom-up, and lateral) in explaining, and in this case, enabling, insider threat. Derived from this analysis, we draw implications for communication and security scholars, as well as practitioners, concerning: the impact of unintentional communication, the consequences of selective silence and the divergence in levels of shared understanding of security among different groups within an organization.

(From the journal abstract)


  Rice, C., & Searle, R. H. (2022). ‘The Enabling Role of Internal Organizational Communication in Insider Threat Activity – Evidence From a High Security Organization.’ Management Communication Quarterly. 

https://doi.org/10.1177%2F08933189211062250
The development of structured guidelines for assessing risk in extremist offenders

This paper describes a methodology developed by the National Offender Management Service (NOMS) to assess risk and needs in convicted extremist offenders in England and Wales, and for the assessment of those offenders for whom there are credible concerns about their potential to commit such offences. A methodology was needed to provide an empirically-based systematic and transparent approach to the assessment of risk to inform proportionate risk management; increase understanding and confidence amongst front-line staff and decision-makers, and facilitate effective and targeted intervention. It outlines how the methodology was developed, the nature of the assessment, its theoretical underpinnings, the challenges faced and how these have been addressed. Learning from casework with offenders, from government commissioned research and the wider literature is presented in the form of 22 general factors (with an opportunity to capture additional idiosyncratic factors, i.e., 22+) that contribute to an individual formulation of risk and needs that bears on three dimensions of engagement, intent and capability. The relationship of this methodology, the Extremism Risk Guidelines (ERG 22+) with comparable guidelines, the Violent Extremism Risk Assessment 2 (VERA version 2) and the Multi-Level Guidelines (MLG), is also discussed. This paper also considers the ERG’s utility, validity and limitations.

(From the journal abstract)


Lloyd, M., & Dean, C. (2015). The development of structured guidelines for assessing risk in extremist offenders. Journal of Threat Assessment and Management, 2(1), 40–52.

https://doi.org/10.1037/tam0000035
An Evidence Synthesis of Covert Online Strategies Regarding Intimate Partner Violence

This systematic review synthesizes evidence of how people use the internet to deploy covert strategies around escaping from, or perpetrating, intimate partner violence (IPV). Online tools and services can facilitate individuals leaving abusive relationships, yet they can also act as a barrier to departure. They may also enable abusive behaviors. A comprehensive literature search of published and unpublished studies in electronic databases was conducted. Two researchers independently screened abstracts and full texts for study eligibility and evaluated the quality of included studies. The systematic review includes 22 studies (9 qualitative and 11 cross-sectional studies, a randomized control trial [RCT] and a nonrandomized study [NRS]) published between 2004 and 2017. Four covert behaviors linked to covert online strategies around IPV were identified: presence online, granular control, use of digital support tools and services, and stalking and surveillance. The same technology that provides individuals with easy access to information and supportive services related to IPV, such as digital devices, tools, and services, also enables perpetrators to monitor or harass their partners. This review takes a rigorous interdisciplinary approach to synthesizing knowledge on the covert strategies adopted by people in relation to IPV. It has particular relevance to practitioners who support survivors in increasing awareness of the role of digital technologies in IPV, to law enforcement agencies in identifying new forms of evidence of abuse, and in enabling designers of online/social media applications to take the needs and vulnerabilities of IPV survivors into account.

(From the journal abstract)


Grimani, A., Gavine, A., & Moncur, W. (2020b). An Evidence Synthesis of Covert Online Strategies Regarding Intimate Partner Violence. Trauma, Violence, & Abuse, 152483802095798.

https://doi.org/10.1177/1524838020957985
Immersive simulations with extreme teams

Extreme teams (ETs) work in challenging, high pressured contexts, where poor performance can have severe consequences. These teams must coordinate their skill sets, align their goals, and develop shared awareness, all under stressful conditions. How best to research these teams poses unique challenges as researchers seek to provide applied recommendations while conducting rigorous research to test how teamwork models work in practice. In this article, we identify immersive simulations as one solution to this, outlining their advantages over existing methodologies and suggesting how researchers can best make use of recent advances in technology and analytical techniques when designing simulation studies. We conclude that immersive simulations are key to ensuring ecological validity and empirically reliable research with ETs.

(From the journal abstract)


Brown, O., Power, N., & Conchie, S. M. (2020). Immersive simulations with extreme teams. Organizational Psychology Review, 10(3–4), 115–135.

https://doi.org/10.1177/2041386620926037
The impact of rapport on intelligence yield: Police source handler telephone interactions with covert human intelligence sources

Covert Human Intelligence Sources (CHIS) provide unique access to criminals and organised crime groups, and their collection of intelligence is vital to understanding England and Wales’ threat picture. Rapport is essential to the establishment and maintenance of effective professional relationships between source handlers and their CHIS. Thus, rapport-based interviewing is a fundamental factor to maximising intelligence yield. The present research gained unprecedented access to 105 real-life audio recorded telephone interactions between England and Wales police source handlers and CHIS. This research quantified both the rapport component behaviours (e.g., attention, positivity, and coordination) displayed by the source handler and the intelligence yielded from the CHIS, in order to investigate the frequencies of these rapport components and their relationship to intelligence yield. Overall rapport, attention and coordination significantly correlated with intelligence yield, while positivity did not. Attention was the most frequently used component of rapport, followed by positivity, and then coordination.

(From the journal abstract)


Nunan, J., Stanier, I., Milne, R., Shawyer, A., Walsh, D., & May, B. (2020). The impact of rapport on intelligence yield: Police source handler telephone interactions with covert human intelligence sources. Psychiatry, Psychology and Law, 1–19.

https://doi.org/10.1080/13218719.2020.1784807
Source Handler perceptions of the interviewing processes employed with informants.

The collection of accurate, detailed, and timely intelligence buttresses critical law enforcement decision-making. However, the quality and quantity of the intelligence gathered relies heavily upon the interviewing techniques used to retrieve it. The perceptions of intelligence practitioners are key to developing an understanding of practices concerning intelligence collection. Yet, to date, no research has been undertaken that explores the United Kingdom’s Source Handlers’ perceptions of the interviewing processes employed with informants. The present study interviewed 24 Source Handlers from Counter Terrorism Dedicated Source Units in the United Kingdom. Five themes emerged from the interviews, (i) a comparison between interviewing and debriefing; (ii) the PEACE model in intelligence interviews; (iii) the importance of effective communication; (iv) Source Handlers’ use of cognitive retrieval techniques; and, (v) Source Handler interview training. The perceived commonalities between interviewing and debriefing provided support for the transferability of investigative interviewing research and practices into the collection of Human Intelligence (HUMINT), reiterating themes (ii), (iii), and (iv). Finally, participants highlighted a need for additional training concerning intelligence gathering techniques, as police officers who are responsible for gathering HUMINT could benefit from further professional development based on investigative interviewing research and professional practices.

(From the journal abstract)


Nunan, J., Stanier, I., Milne, R., Shawyer, A., & Walsh, D. (2020b). Source Handler perceptions of the interviewing processes employed with informants. Journal of Policing, Intelligence and Counter Terrorism, 15(3), 244–262.

https://doi.org/10.1080/18335330.2020.1820069
The Psychology of Criminal Investigation: From Theory to Practice

The contribution of psychological research to the prevention of miscarriages of justice and the development of effective investigative techniques is now established to a point where law enforcement agencies in numerous countries either employ psychologists as part of their staff, or work in cooperation with academic institutions. The application of psychology to investigation is particularly effective when academics and practitioners work together. This book brings together leading experts to discuss the application of psychology to criminal investigation.

This book offers an overview of models of investigation from a psychological and practical view point, covering topics such as investigative decision making, the presentation of evidence, witness testimony, the detection of deception, interviewing suspects and evidence-based police training. It is essential reading for students, researchers and practitioners engaged with police practice, investigation and forensic psychology.

(From the journal abstract)


Griffiths, A., & Milne, R. (Eds.). (2018). The Psychology of Criminal Investigation: From Theory to Practice (1st ed.). Routledge.

https://doi.org/10.4324/9781315637211
Detecting smugglers: Identifying strategies and behaviours in individuals in possession of illicit objects

Behaviour detection officers' task is to spot potential criminals in public spaces, but scientific research concerning what to look for is scarce. In two experiments, 52 (Experiment 1A) and 60 (Experiment 2A) participants carried out a mission involving a ferry crossing. Half were asked to smuggle an object; the other half were non‐smugglers. In Experiment 2A, two confederates appeared to approach as if looking for someone on the ferry.

Smugglers, more than non‐smugglers, reported afterwards to have felt nervous, self‐conscious, and conspicuous and to attempt behavioural control during the ferry crossing. The secretly videotaped ferry crossings were shown to 104 (Experiment 1B) and 120 (Experiment 2B) observers, tasked to identify the smugglers. Although they reported paying attention mostly to signs of nervousness, lie detection accuracy rate was poor (48% in Experiment 1 and 39.2% in Experiment 2) because their perceptions of nervousness did not match the experiences of nervousness reported by the (non)smugglers.

(From the journal abstract)


Samantha Mann, Haneen Deeb, Aldert Vrij, Lorraine Hope & Lavinia Pontigia, 2019. Detecting Smugglers: Identifying strategies and behaviours in individuals in possession of illicit objects. Applied Cognitive Psychology. https://doi.org/10.1002/acp.3622

In Their Own Words: Employee Attitudes towards Information Security

The purpose of this study is to uncover employee attitudes towards information security and to address the issue of social acceptability bias in information security research.

Design/methodology/approach

The study used personal construct psychology and repertory grids as the foundation for the study in a mixed-methods design. Data collection consisted of 11 in-depth interviews followed by a survey with 115 employee responses. The data from the interviews informed the design of the survey.

Findings

The results of the interviews identified a number of themes around individual responsibility for information security and the ability of individuals to contribute to information security. The survey demonstrated that those employees who thought the that organisation was driven by the need to protect information also thought that the risks were overstated and that their colleagues were overly cautious. Conversely, employees who thought that the organisation was driven by the need to optimise its use of information felt that the security risks were justified and that colleagues took too many risks.

Research limitations/implications

The survey findings were not statistically significant, but by breaking the survey results down further across business areas, it was possible to see differences within groups of individuals within the organisation.

Originality/value

The literature review highlights the issue of social acceptability bias and the problem of uncovering weakly held attitudes. In this study, the use of repertory grids offers a way of addressing these issues.

(From the journal abstract)


Debi Ashenden. 2018. ‘In Their Own Words: Employee Attitudes towards Information Security’. Information and Computer Security, 26 (3): 327–37. https://doi.org/10.1108/ICS-04-2018-0042.

Press Accept to Update Now: Individual Differences in Susceptibility to Malevolent Interruptions

Increasingly, connected communication technologies have resulted in people being exposed to fraudulent communications by scammers and hackers attempting to gain access to computer systems for malicious purposes. Common influence techniques, such as mimicking authority figures or instilling a sense of urgency, are used to persuade people to respond to malevolent messages by, for example, accepting urgent updates. An ‘accept’ response to a malevolent influence message can result in severe negative consequences for the user and for others, including the organisations they work for.

This paper undertakes exploratory research to examine individual differences in susceptibility to fraudulent computer messages when they masquerade as interruptions during a demanding memory recall primary task compared to when they are presented in a post-task phase. A mixed-methods approach was adopted to examine when and why people choose to accept or decline three types of interrupting computer update message (genuine, mimicked, and low authority) and the relative impact of such interruptions on performance of a serial recall memory primary task.

Results suggest that fraudulent communications are more likely to be accepted by users when they interrupt a demanding memory-based primary task, that this relationship is impacted by the content of the fraudulent message, and that influence techniques used in fraudulent communications can over-ride authenticity cues when individuals decide to accept an update message. Implications for theories, such as the recently proposed Suspicion, Cognition and Automaticity Model and the Integrated Information Processing Model of Phishing Susceptibility, are discussed.

(From the journal abstract)


Williams, Emma J., Phillip L. Morgan, and Adam N. Joinson. 2017. ‘Press Accept to Update Now: Individual Differences in Susceptibility to Malevolent Interruptions’. Decision Support Systems 96 (April): 119–29. https://doi.org/10.1016/j.dss.2017.02.014.

Security Dialogues: Building Better Relationships between Security and Business

In the real world, there's often a discrepancy between an organization's mandated security processes and what actually happens. The social practice of security flourishes in the space between and around formal organizational security processes.

By recognizing the value of risk management as a communication tool, security practitioners can tap opportunities to improve the security dialogue with staff.

(From the journal abstract)


Ashenden, Debi, and Darren Lawrence. 2016. ‘Security Dialogues: Building Better Relationships between Security and Business’. IEEE Security Privacy 14 (3): 82–87. https://www.computer.org/cms/Computer.org/ComputingNow/issues/2016/08/msp2016030082.pdf.

Employees: The Front Line in Cyber Security

What happens if you lose trust in the systems on which you rely? If the displays and dashboards tell you everything is operating normally but, with your own eyes, you can see that this is not the case? This is what apparently happened with the Stuxnet virus attack on the Iranian nuclear programme in 2010.

Dr Debi Ashenden, CREST lead on protective security and risk assessment, writes that with cyber attacks set to rise, it’s important that we empower employees to defend our front line.

(From the journal abstract)


Ashenden, Debi. 2017. ‘Employees: The Front Line in Cyber Security’. The Chemical Engineer, February 2017, 908 edition. https://crestresearch. ac.uk/comment/employees-front-line-cyber-security/.

 

Individual Differences in Susceptibility to Online Influence: A Theoretical Review

Scams and other malicious attempts to influence people are continuing to proliferate across the globe, aided by the availability of technology that makes it increasingly easy to create communications that appear to come from legitimate sources. The rise in integrated technologies and the connected nature of social communications means that online scams represent a growing issue across society, with scammers successfully persuading people to click on malicious links, make fraudulent payments, or download malicious attachments.

However, current understanding of what makes people particularly susceptible to scams in online contexts, and therefore how we can effectively reduce potential vulnerabilities, is relatively poor. So why are online scams so effective? And what makes people particularly susceptible to them? This paper presents a theoretical review of literature relating to individual differences and contextual factors that may impact susceptibility to such forms of malicious influence in online contexts.

A holistic approach is then proposed that provides a theoretical foundation for research in this area, focusing on the interaction between the individual, their current context, and the influence message itself, when considering likely response behaviour.

(From the journal abstract)


Williams, Emma J., Amy Beardmore, and Adam N. Joinson. 2017. ‘Individual Differences in Susceptibility to Online Influence: A Theoretical Review’. Computers in Human Behavior 72 (July): 412–21. https://doi.org/10.1016/j.chb.2017.03.002.

Back to top