Human Factors in Security SIG

Mission

People have become the main driver for breaches but the human factors remain insufficiently addressed in the IT security sector. The mission of this SIG is to improve the understanding of human factors in security among security professionals worldwide. To achieve this goal we will facilitate a regular exchange on methods, measures and skill sets to effectively address the human factors in security.

Goals & Deliverables

Our goal is to exchange best practices, provide orientation and share knowledge among members through regular meetings, a forum, and a resource library.

Deliverables:

• Hosting regular meetings including webinars
• Facilitating peer-to-peer learning: The SIG will facilitate peer-to-peer learning by providing a forum (slack channel) for members to ask questions, share experiences, and get feedback from other security (awareness) professionals.
• Sharing news and updates: The SIG will provide members with regular updates on the latest trends and developments, helping them to stay informed and stay ahead of emerging threats.
• Providing mentorship and guidance: The SIG can provide mentorship and guidance to members who are new to security awareness, or who are looking to expand their skills and knowledge in this area.
• Developing a resource library: The SIG could create a library of resources, such as training materials, case studies, or templates, that members can access and use to help promote security awareness within their own organisations.

Chair

• Cornelia Puhze, SWITCH-CERT
• Katja Dörlemann, SWITCH-CERT

Meetings

• At the Annual Conference (in person)
• Monthly (virtually)

Request to Join

• Initiatives
  • Special Interest Groups (SIGs)
    • SIGs Framework
    • Academic Security SIG
    • Automation SIG
    • Big Data SIG
    • Common Vulnerability Scoring System (CVSS-SIG)
      • Calculator
      • Specification Document
      • User Guide
      • Examples
      • CVSS v3.1 Documentation & Resources
        • CVSS v3.1 Calculator
        • CVSS v3.1 Specification Document
        • CVSS v3.1 User Guide
        • CVSS v3.1 Examples
        • CVSS v3.1 Calculator Use & Design
      • CVSS v3.0 Archive
        • CVSS v3.0 Calculator
        • CVSS v3.0 Specification Document
        • CVSS v3.0 User Guide
        • CVSS v3.0 Examples
        • CVSS v3.0 Calculator Use & Design
      • CVSS v2 Archive
        • CVSS v2 Complete Documentation
        • CVSS v2 History
        • CVSS-SIG team
        • SIG Meetings
        • Frequently Asked Questions
        • CVSS Adopters
        • CVSS Links
      • CVSS v1 Archive
        • Introduction to CVSS
        • Frequently Asked Questions
        • Complete CVSS v1 Guide
      • JSON & XML Data Representations
      • CVSS On-Line Training Course
      • Identity & logo usage
    • CSIRT Framework Development SIG
    • Cyber Insurance SIG
      • Cyber Insurance SIG Webinars
    • Cyber Threat Intelligence SIG
      • Curriculum
        • Introduction
        • Introduction to CTI as a General topic
        • Methods and Methodology
        • Source Evaluation and Information Reliability
        • Threat Modelling
        • Training
        • Standards
        • Glossary
    • DNS Abuse SIG
      • Code of Conduct & Other Policies
      • Examples of DNS Abuse
    • Ethics SIG
      • Ethics for Incident Response Teams
    • Exploit Prediction Scoring System (EPSS)
      • Frequently Asked Questions
      • The EPSS Model
      • Related Papers
      • Data and Statistics
      • API
      • User Guide and Exploit Data
      • Contributing Articles
        • Understanding EPSS Probabilities and Percentiles
        • Log4Shell Use Case
        • Estimating CVSS v3 Scores for 100,000 Older Vulnerabilities
      • Data Partners
    • FIRST Multi-Stakeholder Ransomware SIG
    • Human Factors in Security SIG
    • Industrial Control Systems SIG (ICS-SIG)
    • Information Exchange Policy SIG (IEP-SIG)
    • Information Sharing SIG
      • Malware Information Sharing Platform
    • Malware Analysis SIG
      • Malware Analysis Framework
      • Malware Analysis Tools
    • Metrics SIG
      • Metrics SIG Webinars
    • NETSEC SIG
    • Passive DNS Exchange
    • PSIRT SIG
    • Red Team SIG
    • Retail and Consumer Packaged Goods (CPG) SIG
    • Security Lounge SIG
    • Threat Intel Coalition SIG
      • Membership Requirements and Veto Rules
    • Traffic Light Protocol (TLP-SIG)
    • Vulnerability Coordination
      • Multi-Party Vulnerability Coordination and Disclosure
      • Guidelines and Practices for Multi-Party Vulnerability Coordination and Disclosure
    • Vulnerability Reporting and Data eXchange SIG (VRDX-SIG)
      • Vulnerability Database Catalog
    • Women of FIRST
  • Internet Governance
  • IR Database
  • Fellowship Program
    • Application Form
  • Mentorship Program
  • IR Hall of Fame
    • Hall of Fame Inductees
  • Victim Notification
  • Volunteers at FIRST
    • FIRST Volunteers
    • Volunteer Contribution Record
  • Previous Activities
    • Best Practices Contest