IT Security is constructed by the perception of users of IT – it is a latent social construct. This is the hypothesis of our current research programme »Psychology of Security«. We are researching how people construct security, how they act according to their construct and how they gain skills and knowledges as an individual person or in organisations.

This qualitative research is fundamental to the scientifically sound development of any training programme.

We have interviewed several users, system administrators and hackers/IT security specialists with autobiographic narrative and expert interviews. Aim of these interviews is to explore the perception of IT security related knowledge and skills in these interviewees. The findings can be used for the formation of hypotheses for further quantitative research and in the construction of training and teaching methods. The ultimate goal of the research programme is to develop a scientifically sound didactics for IT security.

This talk presents the latest results from our research programme about the psychology of security.

I will show

  • how our research has been conducted
  • how the research methods (qualitative, semistructured interviews) have been used
  • what the research results are
  • how the interviewees construct reality
  • how the construction changes according to the technical skills of the interviewee
  • how we can use these findings for further research
  • first tips on how to create effective and efficient IT security training programmes
  • how you can use our methods to create effective and efficient IT security training programmes

ZG

Publikationen