Cybersecurity is generally considered a matter for experts in IT security. When it comes to dealing with the issue these professionals are certainly needed, as it is important to understand the technical elements in cyber incidents. But there are other aspects often neglected, such as those related to the “human factor”: those factors are not to be considered marginal, since even the experts in cyber security agree that humans are the weakest link in security. In fact, many cyberattacks are successful precisely because they exploit human vulnerabilities. This is where a different set of competences comes into play and a more holistic approach is required to analyse human vulnerabilities. At the end of the day we are talking about behaviours, not computers. Because of my professional background and experience, I always say, “I deal with people rather than machines”. In particular I study the interaction between humans and machines from a behavioural viewpoint in relation to security.
Read the full interview here