Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Julie Haney (Fed)

Displaying 26 - 50 of 64

Lessons Learned and Suitability of Focus Groups in Security Information Workers Research

June 26, 2022

Author(s)

Julie Haney, Jody Jacobs, Fernando Barrientos, Susanne M. Furman

Security information workers (SIW) are professionals who develop and use security-related data within their jobs. Qualitative methods -- primarily interviews -- are becoming increasingly popular in SIW research. However, focus groups are an under-utilized

Users Are Not Stupid: Eight Cybersecurity Pitfalls Overturned

June 7, 2022

Author(s)

Julie Haney

Whether you're implementing security policy or developing products, considering the human element is critical. Yet security professionals often fall victim to misconceptions and pitfalls that undermine users' ability to reach their full security potential

An Investigation of Roles, Backgrounds, Knowledge, and Skills of U.S. Government Security Awareness Professionals

June 4, 2022

Author(s)

Julie Haney, Jody Jacobs, Susanne M. Furman

Security awareness professionals are tasked with implementing security awareness programs within their organizations to assist employees in recognizing and responding to security issues. Prior industry-focused surveys and research studies identified

Consumer Perspectives on Loss of Support for Smart Home Devices

May 26, 2022

Author(s)

Julie Haney, Susanne M. Furman

Unsupported smart home devices can pose serious safety and security issues for consumers. However, unpatched and vulnerable devices may remain connected because consumers may not be alerted that their devices are no longer supported or do not understand

NIST Cybersecurity Role-based Training Study Presentation

May 20, 2022

Author(s)

Jody Jacobs, Julie Haney, Susanne M. Furman

This presentation is for the May 17, 2022 Federal Information Security Educators (FISSEA) Spring Forum hosted by NIST. This presentation will present our preliminary findings from our Role-Based Training Study.

Approaches and Challenges of Federal Cybersecurity Awareness Programs

March 25, 2022

Author(s)

Julie Haney, Jody Jacobs, Susanne M. Furman

Organizational security awareness programs may experience a number of challenges, including lack of resources, difficulty measuring the impact of the program, and perceptions among the workforce that training is a boring, "check-the-box" activity. While

Federal Cybersecurity Awareness Programs A Mixed Methods Research Study

March 25, 2022

Author(s)

Julie Haney, Jody Jacobs, Susanne M. Furman

Prior industry surveys and research studies have revealed that organizational security awareness programs may face a number of challenges, including lack of: leadership support; resources; and staff with sufficient background and skills to implement an

The Federal Cybersecurity Awareness Workforce: Professional Backgrounds, Knowledge, Skills, and Development Activities

March 25, 2022

Author(s)

Julie Haney, Jody Jacobs, Susanne M. Furman

Organizational security awareness programs may experience a number of challenges, including lack of funding and staff with the appropriate knowledge and skills to manage an effective program. While prior surveys and research have examined programs in the

Recommended Criteria for Cybersecurity Labeling of Consumer Software

February 4, 2022

Author(s)

Michael Ogata, Amy Phelps, Julie Haney

Executive Order (EO) 14028, "Improving the Nation's Cybersecurity," tasks the National Institute of Standards and Technology (NIST), in coordination with the Federal Trade Commission (FTC) and other agencies, to initiate pilot programs for cybersecurity

Slides: Security Awareness Training for the Workforce: Moving Beyond "Check-the-box" Compliance

November 5, 2021

Author(s)

Julie Haney, Wayne Lutters

User Perceptions & Preferences for Smart Home Device Updates

November 5, 2021

Author(s)

Susanne M. Furman, Julie Haney

IoT smart home updates are a critical mechanism by which manufacturers can remediate security vulnerabilities and one of the few tools users have to secure their devices. Yet, security professionals view difficulties in patching IoT devices as a major

NIST Security Awareness Study

October 25, 2021

Author(s)

Jody Jacobs, Julie Haney, Susanne M. Furman

This is a presentation for the September 28, 2021 FISSEA conference. This presentation is on the NIST Security Awareness Study. The goal of the study is to better understand the needs, challenges, practices, and professional competencies of federal

Exploring Government Security Awareness Programs: A Mixed-Methods Approach

August 3, 2021

Author(s)

Jody Jacobs, Julie Haney, Susanne M. Furman, Fernando Barrientos

Organizational security awareness programs are often underfunded and rely on part-time security awareness professionals who may lack sufficient background, skills, or resources necessary to manage an effective and engaging program. U.S. government

Cybersecurity Advocates: Force Multipliers in Security Behavior Change

July 5, 2021

Author(s)

Julie Haney, Wayne Lutters, Jody Jacobs

Cybersecurity advocates motivate individuals and organizations to adopt positive security behaviors. Based on our research, we describe qualities of successful advocates. Our findings have practical implications for expanding the cybersecurity workforce by

Cybersecurity advocates

April 7, 2021

Author(s)

Julie Haney

Cybersecurity Advocates: Discovering the Characteristics and Skills for an Emergent Role

April 7, 2021

Author(s)

Julie Haney, Wayne Lutters

Purpose: Cybersecurity advocates attempt to reduce exposure to cyber attacks by promoting security best practices and encouraging security adoption. However, little is known about the skills necessary for success in this role. To fill this gap, our study

Pandemic parallels: What can cybersecurity learn from COVID?

March 15, 2021

Author(s)

Steven Furnell, Julie Haney, Mary Theofanos

While the threats may appear to be vastly different, further investigation reveals that the cybersecurity community can learn much from the COVID-19 response.

Usable Security: A Human-Centric Approach

January 28, 2021

Author(s)

Julie Haney

This presentation describes usable security and its importance for organizations.

Smart Home Consumers' Privacy and Security Perceptions & Practices

December 7, 2020

Author(s)

Julie Haney, Susanne M. Furman, Yasemine Acar

Smart home technologies may expose adopters to increased risk to network security, information privacy, and physical safety. However, consumers may lack understanding of the privacy and security implications, while devices fail to provide transparency and

Research Report: User Perceptions of Smart Home Privacy and Security

November 17, 2020

Author(s)

Julie M. Haney, Susanne M. Furman, Yasemin Acar

Smart home technologies may expose adopters to increased risk to network security, information privacy, and physical safety. However, users may lack understanding of the privacy and security implications, while devices fail to provide transparency and

Security Awareness Training for the Workforce: Moving Beyond "Check-the-box" Compliance

October 1, 2020

Author(s)

Julie Haney, Wayne Lutters

Security Awareness Training for the Workforce: Moving Beyond "Check-the-box" Compliance

September 30, 2020

Author(s)

Julie Haney, Wayne Lutters

Security awareness training requirements set a minimum baseline for introducing security practices to an organization's workforce. But is simple compliance enough to result in behavior change?