Human Factors
Facebook Twitter LinkedIn

Rethinking cybersecurity from the human element point of view

Combined Session
Thursday, November 10, 2022 14:20—14:40
Location: Historic Kassenhalle

Over simplifying, IT security means defending the IT systems from threats procured by cybercriminals. Their targets are, for example, the manipulation of systems, the extorsion or exfiltration of data, and the interruption or alteration of services. However, what happens if we have humans instead of IT systems? Given that the scope of an attacker is always the same, as aforementioned, attacking a human is an entirely different process, and the attack tactics must change. This well-known fact involves social engineering and human sciences (e.g., psychologists or behavioural sciences instead of informatics). However, from the cyber security side of the coin, what does it imply dealing with humans? What does it mean, for example, to perform convincing penetration testing or vulnerability scanning to deeply test human weaknesses: it is not merely a problem of sending a phishing email and waiting for clicks. How can be done a threat analysis or threat intelligence on humans? Moreover, how can a company calculate the cyber risk that a human represents and how many effective ways to reduce it? If we fully put humans (either as employees or IT security operators) at the centre of cybersecurity, the questions become several.

The problem is complex because, by its nature, it is multicultural and requires different non-technical competencies. It includes experts in philosophy, political science, cyber sociology, pedagogy, acting performance, etc., collaborating with cybersecurity experts. Facing the human element of security is a genuinely multicultural and interconnected approach. Furthermore, humans are coincidentally “human” and not machines: there are also ethical and legal issues to consider, and their reactions change during the day. The talk will explore and present a comprehensive view of what happens when there are not the IT systems but the humans at the centre of cybersecurity.

Enrico Frumento
Enrico Frumento
Dr. Enrico Frumento is a Senior Domain Specialist in the cybersecurity team at Cefriel a European and privately funded research and innovation project on ICT Security. He is the author of...


Hybrid Ticket
Full conference
till August 19th
Whole conference (Nov 08-10, 2022)
Attend on-site or join virtually
Join networking events and visit the expo area
Watch all sessions live or on-demand
Enter the event platform and chat with virtual participants
Access presentation slides
Virtual Ticket
Maximum virtual experience
till August 19th
Whole virtual conference (Nov 08-10, 2022)
Watch all sessions live or on-demand
Enter the event platform and chat with virtual participants
Access presentation slides
Explorer Pass
Day 1 for free
Join virtually for free on Day 1 (8 November 2022)
Participate in workshops
Enter the event platform and chat with virtual participants
Get to know CSLS
Access to days 2 and 3
Have you participated in our events?
Contact us to get a special discount
Other ways to attend
Young Talents -
student program
Register and apply
Journalists &
Confirm press accreditation
Subscribe for updates
Please provide your email address