The RISCS Annual Report 2016 was released at the UK Cyber Security Research Institutes Conference in October 2016, and is available to download.

The RISCS Annual Report 2017 was released at the UK Cyber Security Research Institutes Conference in October 2017, and is available to download here (opens PDF)

The 2018 RISCS Annual Report was released at the UK Cyber Security Research Institutes Conference in October 2018, and is available to download here (opens PDF).

We are delighted to present the 2019 RISCS Annual Report. The Report brings you progress updates of the RISCS projects, informs of recent changes at RISCS and shares our plans for 2020. Download the report here.

Kat Krol, Simon Parkin and M. Angela Sasse Abstract Biometric technologies have the potential to reduce the effort involved in securing personal activities online, such as purchasing goods and services. Verifying that a user session on a website is attributable to a...

Iacovos Kirlappos, Adam Beautement and M. Angela Sasse Abstract Information security has adapted to the modern collaborative organisational nature, and abandoned "command-and-control" approaches of the past. But when it comes to managing employee's information...

Michael T.M. Emmerich, André H. Deutz and Iryna Yevseyeva Abstract In the a-posteriori approach to multicriteria decision making the idea is to first find a set of interesting (usually non-dominated) decision alternatives and then let the decision maker select among...

Iryna Yevseyeva, Charles Morisset, Thomas Groß, Aad van Moorsel Abstract Information security decisions typically involve a trade-off between security and productivity. In practical settings, it is often the human user who is best positioned to make this trade-off...

Charles Morisset, Iryna Yevseyeva, Thomas Groß, Aad van Moorsel Abstract We propose in this paper a formal model for soft enforcement, where a decision-maker is influenced towards a decision, rather than forced to select that decision. This novel type of enforcement...

Makayla Lewis and Lizzie Coles-Kemp Abstract This paper presents an adult visual narrative stimulus (tactile visual library) that supports the reduction of physical distance between the user-centred design practitioner (maker of the visual narrative artefact) and the...

Date: June 2014Published: Industry & Parliament Trust Report: Cyber Security 2.0: Reflections on UK/EU Cyber-Security Co-OperationPublisher: Industry and Parliament TrustPublisher URL: http://www.ipt.org.ukFull Text:...

Jennett, Charlene; Brostoff, Sacha; Malheiros, Miguel; Sasse, M. Angela Abstract: To inspire confidence in consumer credit and improve outcomes for consumers, negative experiences such as being denied credit must be handled appropriately. We conducted an online survey...

Iryna Yevseyeva, James Turland, Charles Morisset, Lynne Coventry, Thomas Gross, Christopher Laing, Aad van Moorsel Abstract In this work we address the main issues of Information Technology (IT) consumerization that are related to security risks, and vulnerabilities...

Kat Krol, Muhammad Sajidur Rahman, Simon Parkin, Emiliano De Cristofaro and Eugene Y. Vasserman Abstract This paper presents the design and the results of a cross-cultural study of user perceptions and attitudes toward electronic payment methods. We conduct a series...

Lisa Thomas and Pamela Briggs Abstract Identity technologies constitute one of the fastest growing areas for research and development, driven by both commercial and administrative imperatives. Crucially, they constitute the means by which we include or exclude...

Simon Parkin, Kat Krol, Ingolf Becker and M. Angela Sasse Abstract Security tasks can burden the individual, to the extent that security fatigue promotes had security habits. Here we revisit a series of user-centred studies of security mechanisms as part of regular...

Makayla Lewis and Lizzie Coles-Kemp Abstract This paper puts forward methods used to develop a current experience comic strip (CECS), an instrument designed to support empathy by aligning personas and narrative scenarios, for use by InfoSec practitioners. Keywords:...