Dive into practical advice, research findings, and expert perspectives on building security-aware cultures. Explore evidence-based strategies to strengthen your organization's human security posture.
In the first two blogs of this series, we explored how choice architecture shapes behaviour and why secure defaults are one of the most powerful tools in security. Now it’s time to move into the world of user experience (UX) and interface design, where the smallest details can have the biggest impact on whether people behave securely… or take risky shortcuts.
Read ArticlePart two of a seven-part series unpacking how the behavioural science concept of choice architecture can be woven into IT architecture, UX/UI, and development lifecycles to nudge, guide, and default users toward secure behaviours – without relying solely on training or policy. Each article will blend behavioural science, secure-by-design principles, and practical application in the technology lifecycle.
Read ArticleThe first of a seven-part series that will unpack how the behavioural science concept of choice architecture can be woven into IT architecture, UX/UI, and development lifecycles to nudge, guide, and default users toward secure behaviours – without relying solely on training or policy. Each article will blend behavioural science, secure-by-design principles, and practical application in the technology lifecycle.
Read ArticleFrom automating processes to generating insights, AI offers unprecedented opportunities. But alongside this opportunity comes a quieter, less technical challenge: AI misuse by humans inside organisations. When we talk about AI risk, the conversation often fixates on model bias, adversarial attacks, or regulatory compliance. Yet many of the most immediate risks don’t come from the technology itself – they come from the way people choose to use it.
Read ArticleYour face. Your voice. Your words – used against you. In the age of AI, deception just became terrifyingly personal.
Read ArticleAs cyber threats become more sophisticated, organisations are coming under increasing pressure to monitor employee activity more closely. From detecting insider threats to preventing data leaks, behaviour monitoring has become a standard security policy within many organisations.
Read ArticleWhat do con artists from the 1800s and modern-day hackers have in common? More than you think. While the tools have changed, the tactics haven’t. Welcome to the age of digital deception.
Read ArticleWe often talk about layered defence, about defending against sophisticated nation-state actors, insider threats, supply chain vulnerabilities, and AI-driven phishing campaigns. But let’s be honest: we’re still losing ground to the simplest exploit vector of all – passwords.
Read ArticleThis article explores the emerging intersection of synthetic cognition, AI-driven cyber threats, and human behavioural preparedness. The cyber evolution is no longer on the horizon, it is here.
Read ArticleWhile technical vulnerabilities remain important, attackers increasingly exploit human vulnerabilities through methods rooted in dark psychology: the use of manipulation, coercion, and deceit to influence behaviour for malicious gain. These tactics operate in the shadows, undetected by firewalls, unnoticed by endpoint protection, and strike at the core of human decision-making.
Read ArticleFrom a behavioural and human factors perspective, there’s one critical ingredient that matters more than any tool, training module, or policy: Psychological safety. This may sound surprising in a world dominated by technical controls, but here’s the truth: without psychological safety, even the most sophisticated cybersecurity systems are undermined by silence, fear, and inaction.
Read ArticleIn the pursuit of embedding strong cybersecurity practices across an organisation, many professionals have turned to Security Champion Programmes as a key strategy. These programmes leverage employees who are embedded within business units or teams to promote secure behaviours and act as local advocates of cyber risk awareness.
Read Article