Admission only after intake, see website of the Cyber Security Academy
Elective in master’s programme Cyber Security
‘Actors and behaviour in cyberspace’ brings together a wide variety of insights into the emergence of cybersecurity incidents from the behavioural sciences, explaining the ‘human factor’ in cybersecurity. In this course we will look at the behavioural causes of cybersecurity issues, both intentional (hacking, cybercrime) and accidental ones (humans make mistakes, are unaware, or careless), on both a individual and a group level.
In the current cybersecurity landscape much effort is put into researching, detecting and remedying intentional cybersecurity risks, i.e. risks generated by individuals, groups or nation states that exploit weaknesses in the network systems of other individuals, groups or nation states. More particularly, a lot of emphasis is placed on two topics: activities that fall under the carrier concept of cybercrime, and the protection of critical infrastructures as key systems in our economies. Much less attention is paid to what Van den Berg has termed ‘cyber accidents’, to the set of cybersecurity incidents that may arise as a result of (1) human error, or (2) technical errors. The former can have myriad causes and take a wide variery of forms. The latter are largely due to the complexity of modern network technologies, which lead to inherent unpredictabilities in individuals. These unpredictabilities only exacerbate once technologies are hooked into networks. Van den Berg and Boeke argue that the realm of cyber accidents needs urgent scientific attention, because unintentional cyber risks may have signicant economic and societal impact. No consolidated attempt has been made, however, to shed light on the size, breadth and impact of this set of problems. To gain a clearer understanding of cybersecurity risks of both kinds (intentional and accidental ones), and shed light on the role of the human factor therein, Van den Berg and Boeke are currently developing new methods aimed clarifying conceptually which actors play a role in different types of incidents, what drives these actors (if anything) and what their goals are (if any). In this course we will discuss the outcomes of their (ongoing) research in this area.
basic knowledge and understanding of the root causes of different forms of cybersecurity risks and incidents and how to categorise those
basic knowledge and understanding of the contributions made by the behavioural sciences (with a special focus on sociology, psychology, criminology and economics) in analysing and evaluating the role of (human) behaviour and agency in cybersecurity
basic knowledge and understanding of the human factor in cybercrime (profiles of cybercriminals, social engineering), in economic cybercrimes and the economic incentives in/of cybersecurity incidents
insight in perceptions of (cyber)security (rational actor theory, securitisation, politicking) and in cybersecurity accidents (awareness, risk perception, knowledge & skills, motivation)
Participants are able to:
- write a research paper on a topic that fits within one of more of the themes addressed in this course
5 Fridays from 9.30 until 17.00, either in April/May or in June/July, to be scheduled dependant on preferences of participants
Mode of instruction
Lectures, seminars, exercises, class discussion
Lecturers: Dr. Bibi van den Berg, Dr.Esther Keymolen, Sergei Boeke LLM.
The grade of this assignment is composed of three elements:
- problem identification (10%)
- scientific paper (60%)
- presentation of media campaign (30%)
No compensation is possible for assignments of 30% or more.
Yes, for posting slides of lectures, relevant literature and assignments
Compulsory literature and literature for further consultation will be announced via Blackboard
No registration is required for lectures and exams.
Dr. Bibi van den Berg Drs. Mireille Snels, programme manager
For more information see the website of the Cyber Security Academy