Human Factors in Information Security
An Inaugural Conference

INTRODUCTION
Data security breaches have surfaced with increased regularity over the past years. Financial losses due to cybercrime continue to grow. Credit Card fraud, the theft of customer information, identity theft, social engineering, software piracy - these are all on the increase.Simple human error, ignorance or omission are nearly always at the root of many of these data breaches and e-crimes. In nearly every case there was no technical defence that would have prevented them. The damage to the public's confidence in the ability or enthusiasm of any organisation - public or private, large or small - to protect personal and financial data is immense.Despite the vast sums of money spent, IT systems at all levels and within most organisations remain inherently vulnerable to even the most basic of security and fraud weaknesses and vulnerabilities. This is because we have focused almost entirely on the technology. We have not attended in any way to the most fragile element - our people.The human aspects of security and fraud prevention need to be promoted to their rightful place alongside the technical solutions. We must harness the support and assistance of every one of our employees and customers. We must ensure honesty and integrity is paramount alongside effective communication and understanding of what is required of them in their everyday behaviour in order to handle information in all its forms in a safe and secure manner. Unless we do this, our data security and e-crime defences will never be complete.

WHO SHOULD ATTEND?
This conference aims to bring together people from the corporate, governmental and academic sectors:

* Senior Information Risk Owners (SIROs)
* Chief Information Officers/Chief Technology Officers
* Chief Security Officers
* Chief Information Security Officers
* Senior business managers/decision makers
* Researchers
* Technical specialists
* Security course managers/department heads
* Heads of information assurance & security
* Chief Procurement Officers
* VPs, heads, directors, managers of: compliance; fraud; e-commerce; privacy; governance; facilities; HR; communications; facility; audit; data protection; disaster recovery; IT manufacturers and suppliers; IT security products vendors; IT security services providers; consultancies

SUBMIT YOUR RESEARCH FOR PRESENTATION


Abstracts for oral and poster presentation are now invited on the following topics. Abstracts should be submitted using the online submission form by 31 August 2009.

* The business case for improved security and fraud prevention
* Emerging threats and defences (ID theft, social engineering etc)
* Tackling e-crime
* Staff recruitment and management
* Changing staff behaviour
* Including the human factors of security into the risk management regime
* Effective communication of security issues
* Message delivery styles
* Including security and fraud prevention within systems and process design
* Working with third parties (contractors, suppliers, customers)
* Ensuring effective security and fraud prevention within SMEs
* Changing the perception of security and fraud prevention at all levels throughout the enterprise
* The education of senior business managers and their responsibilities as role models

All abstracts will be refereed and a criterion of rejection will be lack of originality.

INVITED SPEAKERS
William Beer, Director, PwC OneSecurity
Lizzie Coles-Kemp, Information Security Group, Royal Holloway, University of London
Joseph A. DiVanna, Maris Strategies Limited
Steven Furnell, Professor of Information Systems Security, Centre for Information Security & Network Research, University of Plymouth
Sarah Garrett, Senior Manager Information Security, Nationwide
Martin Gill, Professor of Criminology, Leicester University
Bernard Herdan, Chief Executive, National Strategic Authority
Mark Hughes, Group Security Director, BT
Marjolein Kruithof, Group Security Awareness Advisor, Vodafone
Craig Lunnon, Senior Manager HR Services, PricewaterhouseCoopers
Bernadette Palmer, Communications Specialist, The Security Company (International) Ltd.
Angela Sasse, Professor of Human-Centred Technology and Head of the Information Security Group, University College London
David Smith, Deputy Information Commissioner
Andrew Strong, Global Security Director, Unilever
Philip Virgo, EURIM