Keynote: Human-Centric Cyber

In this keynote, I will discuss the importance of human factors in cyber security and highlight lessons learned from conducting user-centered design activities with cyber security analysts. As network traffic volume, interconnectedness of devices, and sophistication of cyber threats all continue to increase, so do concerns about the complexity of providing cyber security. Many research efforts focus on the technology aspects of cyber security; few focus on studying the challenges faced by the human ecosystem of analysts, operators, and senior leaders. User-centered design can help uncover unmet needs and gather requirements to build effective systems to support those that perform cyber security work. Design methods in this domain can help establish user needs, identify opportunities for technology to assist, and evaluate concepts - in this, talk we will discuss examples of each. Ultimately, by embracing the human element of cyber, and positioning the human as the focal point of the research process, we can help the technology community be more efficient at building effective tools. We encourage future cyber security projects to broaden the research methodologies, methods, and techniques at their disposal in order to more completely explore this space. The talk will draw from research experience and field work with users on a number of cyber security research projects. Topics covered will include formative user research and the user-centered design process [1, 2], situation awareness prototyping efforts [3, 4], and evaluation methods for cyber security visualization tools [5].