September 15, 2020
10th International Workshop on Socio-Technical Aspects in SecuriTy ,17 September 2020. Affiliated with the 25th European Symposium on Research in Computer Security (ESORICS) 2020 After evaluating the ongoing COVID-19 situation, the decision has been made to run ESORICS 2020 and the associated workshops as an online event. Therefore, STAST 2020 will take place as entirely virtual.
The workshop intends to stimulate an exchange of ideas and experiences on how to design systems that are secure in the real world where they interact with non-expert users. It aims at bringing together experts in various areas of computer security and in social and behavioral sciences.
The full programme is available at http://www.stast.uni.lu/programme.html
STAST will feature an invited talk by Angela Sasse (Ruhr University Bochum)
Dysfunctional relationships in security–and how to move beyond them
In 20 years of usable security research, and a parallel body of research on security culture in information security, little attention has been paid to how the relationships between different stakeholders affect security decision-making in organisations. Notable exceptions are the security dialogues work by Ashenden & Lawrence (2016) and the inclusive security approach pioneered by Coles-Kemp and colleagues (e.g. Hall, Heath & Coles-Kemp, 2015). My research has found that security professionals often abuse security as a means of power (Inglesant & Sasse, 2010) and take a non-trusting stance towards non-security colleagues (Kirlappos & Sasse 2015). In a current project, we examine the relationship between business leaders and security professionals. I will present the core misunderstanding that causes those relationships to be dysfunctional, and examine how different stakeholders have to evolve too so that we can build functional relationships.
Registration costs £25 per person and gives access to STAST and the whole of ESORICS.
Please visit http://www.stast.uni.lu/registration.html