Research > Cognitive Factors in Cybersecurity

Photograph of an ethernet cable NSF Logo

We take an interdisciplinary approach to improving the security of computer networks. Currently, we focus on three areas of need: cybersecurity professionals, workforce development, and cyber hygiene.

This project is funded by the National Science Foundation under CAREER: RUI: Understanding Human Cognition in Computer Network Defense

Cybersecurity Professionals: Understanding Cognition and Proficiency

Cyber security professionals, the individuals responsible for keeping organizations secure, investigate network activity to find, identify, and respond to threats. These individuals are among the last lines of defense for an organization. Cyber security professionals depend on automated tools to perform their jobs but must make critical decisions that impact security. Therefore, successful defense against cyber attacks depends on human decision making. This research identifies cognitive outcomes that predict successful threat response. We are investigating the content and structure of cyber security professionals' knowledge, creating assessments of cyber security professional cognition, and developing training techniques for cyber security decision making. This project's broader impacts address the large need for cyber security workforce development. The training developed through this research will make cyber security careers more accessible to individuals beyond traditional computer science career paths. Threat response training for network defense provides a strategic advantage against cyber adversaries and increasingly sophisticated threats.

Selected Publications & Presentations

Workforce Development: Addressing the Cybersecurity Shortage

To help address a massive shortage of cybersecurity professionals, we advise on best practices for encouraging, diversifying, and developing the next generation of STEM professionals. We collaborate with Cyber Spartans, a STEM education program of the SJSU Center for Community Learning and Leadership.

Selected Publications & Presentations

Cyber Hygiene: Empowering Individuals' Security

We study how individual knowledge and behavior by employees, customers, and the general public affects Internet security.

Selected Publications & Presentations

Any opinions, findings, and conclusions or recommendations expressed on this site are those of the author(s) and do not necessarily reflect the views of the National Science Foundation or San José State University.