How long have you been working in this field and what brought you to this point in your research and career
I am a social and organisational psychologistwho has been researching social interactions and group behaviours since my PhD – since about 2005. During this time Web 2.0 took off and it became a natural step to look at how humans interact online and via networked devices. Throughout my research career I have been looking at the way in which humans interact with technology and how it affects psychological and behavioural outcomes. I’ve been in this broad area for 15 years and have had a parallel stream of work in organisational behaviour and organisational psychology.
Cyber security has relevant topics in both those streams. In terms of social psychological processes I’m interested in how people interact and develop shared group identities and develop ideas for adversarial actions. In terms of cyber security, I’m interested in how and why groups and individuals come together to do something that would breach the privacy or security of others. In organisations, I’m interested in the behaviours that mean that employees might comply or not comply with policies around cyber safety and security. My interests have moved from the offline to the online world as technology has evolved over the last ten years.
What is your role within the CDT?
My formal role is co-lead for interdisciplinarity and student experience with Theo Tryfonas. I am the representative from Psychology on the Leadership Team so I bring a focus on human factors and psychological processes and outcomes, and also on psychological research methods.
What interests you about the CDT specifically?
The CDT is a fantastic opportunity for our students, as Early Career Researchers, to learn about cyber security and it’s a great opportunity for me personally to mentor and develop early career scholars in this area. It’s a really rewarding experience to contribute to that career development process for new scholars. Mentoring PhD students and talking with them about their ideas is one of my favourite aspects of my role.
This specific CDT lies at a really interesting intersection between multiple different disciplines and topics - we talk about issues of trust, identity, privacy and security at scale which brings together the disciplines of computer science, data science, maths, psychology, business, management - the list goes on, and we’re developing scholars who have skills that transcend one specific discipline and they’re able to talk across disciplines. I believe we’re producing a generation of scholars who will really ride the crest of this wave of cyber security work. It’s very exciting!
What excites you about cyber security?
I’ve always seen research into cyber security as an opportunity for positive social change and that we’re trying to make the connected, networked world a safer place for people to interact within, to use, because although technology evolves at a really quick pace and people often see the amazing utility and value of using new technology, that means that sometimes people overlook or don’t consider the security implications of these new design features, these new technologies. It’s an exciting place to work because we have an opportunity to dissect, and to analyse and to design ways in which to make this world more secure as well as more exciting and more innovative.
So for me it’s about an opportunity for positive social change. As we see technology evolving, and mechanisms to enhance privacy evolve, we have this opportunity to study the changes in the ways in which people interact with technology. From my perspective it’s looking at how there are new psychological and social phenomena that emerge because we have new networked devices and new ways to interact with each other online.
What are your future ambitions for your work?
One of the key research questions that drives me personally is how and why groups develop online and they use mechanisms for privacy - to interact privately, to perpetrate and incite attacks on others. That could be a denial of service attack, or an attack on another group or an infrastructure or a nation. How and why do people do that? What are the technological, social, and psychological mechanisms that produce and facilitate those groups? Why do people decide to join a group that wants to do something like that? How do groups recruit new members? What happens in those private spaces? Can we protect ourselves and others against attacks? I’m interested in the process of trust and group identity formation in and between groups and how they are facilitated by the design features of our networked devices – things like privacy and encryption.
I hope that we can better understand these processes and how trust and identity and privacy intersect to affect security. I hope that by the end of my career, I will have contributed insight into these questions to make our world safer and produce positive social change by harnessing what we know about human behaviour in this networked world.