Search Icon
2026 Program

Security Awareness Training through Experiencing the Adversarial Mindset

Jens Christian Dalgaard, Niek A. Janssen, Oksana Kulyuk, Carsten Schurmann (IT University of Copenhagen)

Cybersecurity concerns are increasingly growing across different sectors globally, yet security education remains a challenge. As such, many of the current proposals suffer from drawbacks, such as failing to engage users or to provide them with actionable guidelines on how to protect their security assets in practice. In this work, we propose an approach for designing security trainings from an adversarial perspective, where the audience learns about the specific methodology of the specific methods, which attackers can use to break into IT systems. We design a platform based on our proposed approach and evaluate it in an empirical study (N = 34), showing promising results in terms of motivating users to follow security policies.

Paper
Slides
Video

View More Papers

I Still Know What You Watched Last Sunday: Privacy...

Carlotta Tagliaro (TU Wien), Florian Hahn (University of Twente), Riccardo Sepe (Guess Europe Sagl), Alessio Aceti (Sababa Security SpA), Martina Lindorfer (TU Wien)

Read More

UsersFirst in Practice: Evaluating a User-Centric Threat Modeling Taxonomy...

Alexandra Xinran Li (Carnegie Mellon University), Tian Wang (University of Illinois Urbana-Champaign), Yu-Ju Yang (University of Illinois Urbana-Champaign), Miguel Rivera-Lanas (Carnegie Mellon University), Debeshi Ghosh (Carnegie Mellon University), Hana Habib (Carnegie Mellon University), Lorrie Cranor (Carnegie Mellon University), Norman Sadeh (Carnegie Mellon University)

Read More

VICEROY: GDPR-/CCPA-compliant Enforcement of Verifiable Accountless Consumer Requests

Yoshimichi Nakatsuka (University of California, Irvine)

Read More