The annual hit to the global economy from cybercrime was estimated at more than $6 trillion in 2021. If that were a nation, then the country of cybercrime would be the world's third-largest economy after the United States and China, notes Cybercrime Magazine. Contributions from the EEA and Norway Grants have created a team to investigate human behaviour in cybersecurity and formulate methodologies to fight back. The project Advancing Human Performance in Cybersecurity (ADVANCES) has a spin that will change the way cybercrime is battled.
Most people don’t think twice about locking the door. It is just a safety habit. Part of a common sense routine that starts and ends the day.
Yet in all economic sectors, there is a vulnerable human factor that needs protection. Predators aren’t always easy to spot. In the case of cybercrime, any employee — from CEO to warehouse manager — can fall into a trap and dangerously expose the company or organization’s vital information. It is as easy as answering a call, revealing what seem to be standard facts, not protecting passwords or even assisting a needy colleague remotely by phone. All of this and more can leave the cyber door ajar for intruders. The answer to cybercrime is cybersecurity — a set of principles working as resilience against incidents in cyberspace.
ADVANCES is a unique project to face cybersecurity challenges to protect against intruders and also help understand that very same intruder on a human level. It combines computer science, psychology and human genomics to develop a comprehensive, science-based interdisciplinary framework.
Research exists on the behaviour of cybersecurity specialists. Computer scientists have also been discussing the education of cybersecurity specialists. However, combining these approaches with a component of genetics has not been undertaken before,’ says Agnė Brilingaitė, project leader for ADVANCES. Brilingaité has been working in cybersecurity for five years, participating in international cyber defence exercises. Like all users, in cyberspace, she faces various cybersecurity attacks regularly.
Perpetrators are stealthily trained to find weak points and gain entry to protected areas. ‘We haven’t developed the best practice for how to watch out for these new attack advances,’ says project partner Aušrius Juozapavičius. But security defenders have a better chance by understanding ‘human behavioural characteristics that are not only defined by genes but also by the environment around the person,’ says Brilingaitė.
Beefing up cybersecurity doesn’t take superpowers. But it does take the kind of grit that is made by people of all disciplines — programmers, developers, technicians, women and men alike. ‘What we would like to encourage is not only the study of informatics but specifically cybersecurity,’ says Linas Bukauskas from the Vilnius University Mathematics Faculty.
An inclusive attack plan against cybercrime needs to stretch across countries and borders to be effective. The establishment of an international cross-disciplinary research team will address the urgent need for a scientific understanding of human limitations and capabilities in the cyber kill chain.
‘Most STEM (science, technology, engineering, and mathematics) professions are still suffering from a lack of women in their ranks, even after decades of equal gender rights initiatives,’ writes cybersecurity education website https://cybersecurityguide.org/about-us/">Cybersecurity Guide. However, the https://www.researchgate.net/project/ADVANCES-Advancing-Human-Performance-in-Cybersecurity">ADVANCES project has set the goal for a 50/50 gender split. ‘Women make 7-11 % of the cyber workforce in Lithuania. In the neighbouring countries, the situation is similar. We need to make an effort to attract female students to the cybersecurity area by showing them role models and helping them choose their career paths – there are many vacancies to be filled,’ says Brilingaitė.
Through nourishing gender balance and encouraging informatics enthusiasts from all fields to participate — law, research, management, for example — the team will carve out scientific methodologies applicable to understanding, and inevitably, tackle cybercrime as a united force.
Project participants are currently working on the educational methodology and planning several test runs in 2022. ‘High walls, big fences, and firearms cannot help against cyber attacks,’ says Brilingaitė.
Safeguarding the current, and future cybersecurity workforce depends on what is being done now – together. This project is an example of international research, bringing together researchers from Vilnius University, General Jonas Žemaitis Military Academy in Lithuania, University of Liechtenstein, Norwegian University for Technology and Science and Østfold University College in Norway, Tallinn University of Technology from Estonia, and Latvian Riga Technical University and Vidzeme University of Applied Sciences. Follow their progress on ResearchGate.
The project Advancing Human Performance in Cybersecurity (ADVANCES) benefits from a nearly €1 million grant from Iceland, Liechtenstein and Norway through the EEA Grants under the Baltic Research Programme. The aim of the programme is to consolidate the research potential of the Baltic States, Iceland, Liechtenstein and Norway, strengthen regional cooperation in research relevant to the countries of the region, and fill the gap between the national research funding and the European Union Structural Assistance.
Source of the article: EFTA, https://eeagrants.org