Chris Hails is researching an individual’s ‘Security Quotient’ score and behavioural qualities that may pre-dispose internet users to fall victim to socio-technical attacks. His research into the human factors that impact on information security is funded by InternetNZ.
I work fulltime as a manager in NZTA’s cyber security practice. Prior to learning about the world of Mobility as a Service (MaaS) and ubiquitous computing in an automotive context, I was a manager at Deloitte specialising in Privileged Access Management, privacy and socio-technical security and have worked at New Zealand’s National Cyber Security Centre.
I previously developed the ORB cybercrime reporting system at NetSafe – between August 2010 and August 2016 New Zealanders reported almost 28,500 online incidents involving the loss of more than $35m to a wide variety of cyber-enabled threat actors.
Cybersecurity Education and Outreach
I volunteer on the board of the Auckland (ISC)2 chapter to arrange monthly security events and work with groups to educate on cybersecurity risks and the importance of developing organisational security culture to ‘harden the human firewall’. Recent activities have included:
- Delivering a 30 minute primer on New Zealand’s cyber threat landscape using war stories from NetSafe and NCSC, exploring the corporate reality in NZ organisations and the importance of mobile device security.
- Discussing the challenges of converged security in a smart city of the future, including cyber physical and privacy risks associated with systems becoming ‘instrumented, interconnected and intelligent’.
- Presenting on research into personal risk profiles and personality factors influencing susceptibility to cybercrime.
- Facilitating teams competing over ‘CISO: The Board Game‘ which uses LEGO to teach risk management and security investment decisions based on common cyber threat scenarios. The game is suited to all audiences and has been played by security professionals at Kiwicon and by university students alike.
- Hosting a creative security awareness video challenge giving teams 60 minutes to make their own digital campaign.
- Presenting Attack of the Drones: Cybersecurity Lessons from the Gatwick Airport DoS Event to highlight technology risks and the importance of ‘cyber resilience’ for continuity of operations.