Julie Haney, Clyburn Cunningham, Susanne Furman (National Institute of Standards and Technology)

The “research-practice gap” can prevent the application of valuable research insights into practice. While the gap has been studied in several fields, it is unclear if prior findings and recommendations apply to human-centered cybersecurity (HCC), which may have its own challenges due to the unique characteristics of the cybersecurity field. Overcoming the gap in HCC is especially important given the large role of human behavior in cybersecurity outcomes. As a starting point for understanding this potential gap, we conducted a survey of 152 cybersecurity practitioners. We found that, while participants see the value in and are eager to receive and integrate HCC insights, they experienced a number of challenges in doing so. Based on our results, we discuss implications of our results, including how we extend prior research-practice work, suggestions for how to better support practitioners in integrating HCC into their work, and foundations for future work to explore meaningful solutions.

View More Papers

Like, Comment, Get Scammed: Characterizing Comment Scams on Media...

Xigao Li (Stony Brook University), Amir Rahmati (Stony Brook University), Nick Nikiforakis (Stony Brook University)

Read More

VETEOS: Statically Vetting EOSIO Contracts for the “Groundhog Day”...

Levi Taiji Li (University of Utah), Ningyu He (Peking University), Haoyu Wang (Huazhong University of Science and Technology), Mu Zhang (University of Utah)

Read More

A First Look at the Usability of OpenVAS Vulnerability...

M. Uğur Aksu, Enes Altuncu, Kemal Bicakci (TOBB University of Economics and Technology)

Read More

Explainable AI in Cybersecurity Operations: Lessons Learned from xAI...

Megan Nyre-Yu (Sandia National Laboratories), Elizabeth S. Morris (Sandia National Laboratories), Blake Moss (Sandia National Laboratories), Charles Smutz (Sandia National Laboratories), Michael R. Smith (Sandia National Laboratories)

Read More