BSidesVienna 0x7EA

Yvonne Bauer

Yvonne Bauer humanist with many years of expertise in human resources, recruiting, and diversity. After studying psychology and knowledge management, she worked for two consulting firms that focused on comprehensive HR consulting for IT companies. For several years now, she has been working in the cybersecurity industry, where her primary concern is to get more women excited about this field and encourage them to pursue and advance their careers in information security by volunteering as board member and national coordinator at Women4Cyber Austria.

The speaker's profile picture

Sessions

06-27
13:05
50min
"The Human Factor. Cybersecurity's weakest link or most adaptive defense?"
Yvonne Bauer, Wolfgang Ettlinger

In Cybersecurity there is a narrative existing: The problem is sitting in front of the screen… but is it?

Our understanding of humans in cybersecurity is shaped by problematic metaphors, which influence how we design security systems. The way we likely describe humans, shapes how we approach cybersecurity.

Humans are as seen as the weakest link: Humans are viewed as the main source of failure > Assumption: Technology is strong, humans are weak

Humans are seen as driven by fear: as frightened animal > Assumption: Fear and punishment drive secure behavior

And once you believe, that the human is the problem, you stop looking for better explanations.

In our talk we will have a deeper look at these assumptions and the psychological as well as technical factors of (in)secure behavior in organizations
Cognitive biases often cause individuals to underestimate rare but catastrophic risks or to place excessive trust in automation. Routine blindness may result in subtle anomalies being ignored when tasks become repetitive. Furthermore, poor collaboration and information silos weaken collective intelligence, while misguided prioritization—such as choosing convenience over security—can undermine defense efforts. Yet, to fully leverage the strengths like pattern recognition, intuition, adaptive reasoning and ethical decision making, organizations should minimize human error through training, supportive tools, and sustainable working conditions, ensuring that human intelligence can function as a powerful ally in defending against digital threats.

Dachsaal (Track 2 - 190 pax)
Dachsaal (Track 2 )