Julie Haney, Clyburn Cunningham, Susanne Furman (National Institute of Standards and Technology)

The “research-practice gap” can prevent the application of valuable research insights into practice. While the gap has been studied in several fields, it is unclear if prior findings and recommendations apply to human-centered cybersecurity (HCC), which may have its own challenges due to the unique characteristics of the cybersecurity field. Overcoming the gap in HCC is especially important given the large role of human behavior in cybersecurity outcomes. As a starting point for understanding this potential gap, we conducted a survey of 152 cybersecurity practitioners. We found that, while participants see the value in and are eager to receive and integrate HCC insights, they experienced a number of challenges in doing so. Based on our results, we discuss implications of our results, including how we extend prior research-practice work, suggestions for how to better support practitioners in integrating HCC into their work, and foundations for future work to explore meaningful solutions.

View More Papers

In Control with no Control: Perceptions and Reality of...

Jason Morris, Ingolf Becker, Simon Parkin (University College London)

Read More

Security Attacks to the Name Management Protocol in Vehicular...

Sharika Kumar (The Ohio State University), Imtiaz Karim, Elisa Bertino (Purdue University), Anish Arora (Ohio State University)

Read More

K-LEAK: Towards Automating the Generation of Multi-Step Infoleak Exploits...

Zhengchuan Liang (UC Riverside), Xiaochen Zou (UC Riverside), Chengyu Song (UC Riverside), Zhiyun Qian (UC Riverside)

Read More

A Comparative Analysis of Difficulty Between Log and Graph-Based...

Matt Jansen, Rakesh Bobba, Dave Nevin (Oregon State University)

Read More