Our Research
Research focus on the socio-technical aspects of information systems security and privacy, studying human behaviors and interactions to enhance cybersecurity decision-making and policies.
Our research area focus on the socio-technical aspect of information systems security and privacy.Our goal is to conduct high-quality, interdisciplinary research on human behaviours and interactions with information systems; to support innovation, decision-making, and policy surrounding cybersecurity security issues related to individuals, organisations, and society.
- The Human Aspect of Cybersecurity and Privacy: This theme examines how humans interact with and reason about information systems, emphasising the impact of human behaviour on security and privacy. It includes research on information security policy compliance and the cultivation of an information security culture within organisations.
- Cybercrime and Society: This theme explores the motivations, complexities, and social factors of cybercrime. We also explore current trends, identify patterns, for effective mitigation strategies.
- Cybersecurity Awareness, Training, and Education Research: This theme aims to develop effective programs for raising awareness and training. We also engage in pedagogical research with the goal of enhancing cybersecurity education for organisations, and society at large.
- Design and Development of Secure Information Systems: Grounded in Design Science Research, this theme aims to design and develop cybersecurity and privacy artefacts that align with the needs of individuals, organisations, and society. Our team applies principles from software engineering, secure coding, and design science research to investigate early-stage integration of security considerations in information systems design and development. This 'security by design' philosophy forms a key part of our work. We seek to create secure and ethical solutions that foster prosperity and well-being
- Usable Security: The focus is on intersection of human-computer interaction and cybersecurity, researching ways to design user-friendly security systems and privacy settings that can help reduce user errors and enhance system security.
- Dark Patterns and Usability: We examine the effects of deceptive user interface designs, or "dark patterns", on user behaviour and decisions. This involves usability testing and heuristic evaluations, focusing particularly on consent mechanisms, privacy settings, and cookie notices.
- Cybersecurity and Emerging Technologies: This area explores the intersection of cybersecurity with emerging technologies like Artificial Intelligence (AI) tools, the Internet of Things (IoT), the Internet of Medical Things (IoMT) and Blockchain. These emerging technologies offer revolutionary changes across sectors but also introduce new, complex cybersecurity challenges. From data privacy concerns in AI to the poor security measures of many IoT and IoMT devices, this theme aims to dissect the unique risks and potential mitigations. In combination with the information security design and development theme, our aim is to develop comprehensive cybersecurity strategies and frameworks tailored to these emerging technologies. We are particularly interested in creating scalable, robust, and adaptable cybersecurity solutions that organisations can easily implement.