What is human centric cyber security?
“I have never met a computer that committed a crime” – John Ausin
By 2027, 75% of employees will acquire, modify or create technology outside IT’s visibility – up from 41% in 2022.”
Source: Gartner Article
Human-Centric Cyber Security (HCCS) is an approach that focuses on changing behaviours and cultures to improve cyber security and reduce risks. Dr. Patrick Scolyer-Gray developed this methodology, which emphasises the role of behavioural science concepts and methods, particularly from sociological and anthropological traditions. Unlike traditional cyber security strategies, HCCS doesn’t rely on fixed rules or tools. Instead, it advocates for customised data collection and analysis tailored to specific contexts to maximise resource efficiency.
HCCS aims to address the fact that about 90% of cyber security issues stem from human failures. By placing humans at the centre of security architecture, HCCS seeks to outperform conventional cyber security approaches in terms of return on investment (ROI). It also seeks to resolve the paradoxical attitude towards cyber security that often prioritises security improvements over business-as-usual activities. By ensuring that security initiatives consider their impact on business operations, HCCS aims to improve both security outcomes and productivity.
Moreover, HCCS focuses on increasing digital and cyber literacy, fostering compliance, and reducing the costs of risk management overhead, ultimately contributing to long-term savings and continuous improvement cycles. Overall, HCCS aims to empower individuals and cultivate a sustainable approach to cybersecurity, demystifying and clarifying the relationship between people and technology.
Dr Patrick Scolyer-Gray Bio
Dr. Patrick Scolyer-Gray, an expert in socio-technical aspects of cybersecurity, has made significant contributions to the field. His career began with sociological research on the users of 4chan, a notorious anonymous image board, where he cultivated high-level cybersecurity skills.
As a lecturer at La Trobe University, he created the subject “Human Factors in CyberSecurity,” blending behavioral and computer science. This subject has become a core requirement for the cybersecurity degree at the university.
Dr. Scolyer-Gray’s expertise led him to a research fellowship at Deakin University, where he focused on decision-making, information warfare, and cyber deception. Subsequently, he established and led the Human-Centric Cybersecurity (HCCS) consulting practice at 460degrees, solidifying his reputation as a world-class practitioner and industry leader.
