HuSecMe

User-Centric Assessment of the Effectiveness of Security Awareness Measures

Contact: david.langer@uni-giessen.de

Announcement: StartUpSecure

Motivation:

In the course of digitalization, organizations of various types - such as corporations, government agencies, or critical infrastructure operators - face the challenge of ensuring the security of their information processing. To meet these requirements, technical solutions must be complemented by the strengthening of security-related competencies within organizations through targeted awareness measures. However, to date, the effectiveness of these so-called security awareness measures has not been systematically or evidence-based captured and evaluated.

Goals and Work:

The „HuSecMe“ project aims to develop a platform designed to evaluate the effectiveness of security awareness measures in a low-threshold, scalable, and data-driven manner. Utilizing methods from empirical social research, the project investigates the learning effects achieved within organizations through these measures, thereby enabling a robust assessment of their impact. The results will be synthesized into a differentiated effectiveness score and clearly visualized via a dashboard. Consequently, the system aims to simplify access to complex questions regarding the efficacy of security awareness measures and provide exemplary models for various use cases, such as phishing simulations, awareness training, or policy-based measures

Innovation and Perspectives:

By providing a low-threshold, scalable, and evidence-based assessment of the causal effectiveness of security awareness measures, organizations are empowered to strategically expand effective interventions and sustainably enhance their security posture. Consequently, this project makes a direct contribution to strengthening the resilience and agency of organizations in the digital landscape.