With generous support from Horst Görtz, the Chair for Human-Centred Security (HCS) of Prof. Angela Sasse was founded in 2018. For the Ruhr-University and the "IT security hotspot" Bochum, this department is an absolute enrichment, because the human factor within IT security is not researched at many locations - although it is clear that digital security can only be ensured through a holistic approach that considers technology and users. The HGI is particularly distinguished by this research - and is celebrating a number of successes as a result, including major funding projects such as the Cluster of Excellence "CASA - Cyber Security in the Age of Large Scale Adversaries" or the NRW Research College "SecHuman".
The students of ITS in Bochum are enthusiastic about the offers and opportunities of Prof. Sasse's chair, as the following numerous comments and messages regarding the anniversary show:
Andreas Reiss, master student: "This enriching chair has fundamentally changed my thinking and my view of IT security. Bochum benefits because the chair broadens the range of courses in IT security. Before the practical implementation of information technology systems, the chair places people and their actions as an essential component in the foreground of IT security-specific questions. Since systems are used by people, and security depends significantly on how they are handled, it is even more important to address issues such as usability."
Leona Lassak, master graduate: "When the HCS Chair was founded three years ago, I was very pleased, because there was then suddenly what I had previously missed: the human factor in IT security. For me, the topics of the chair represent the indispensable link between abstract, algorithmic crypto and everyday reality. If the most secure door is too hard to open and that's why you put it up permanently, it's ultimately no better than a curtain. HCS manages to find the door that does not allow unauthorized passage and yet is easy to open. With that in mind, I congratulate the chair and staff on their 3-year anniversary and wish them every success in their future endeavors."
Steve Ehleringer, undergraduate student: "It was clear to me very early on in my studies that I didn't see myself in a programming profession permanently. Not because I suck at it, but rather because I wanted to be more ideological: I wanted to help people. It was not only important to me to develop secure systems, but also to show users why they exist, how to handle them, and how to recognize and cope with dangers in everyday life. The Chair for HCS has been instrumental in educating me in these topics and for that I am extremely grateful!"
Kai Koch, bachelor student: "As part of my IT security studies in Bochum, I am very grateful for the great work of the Chair for HCS. The courses offered there opened up a new perspective for me and were able to give me a holistic view of aspects of IT security that are otherwise rarely addressed. I consider the resulting understanding that information technology security should not be created at the expense of user-friendliness to be extremely important."
Hendrik Ewerlin, master student: "We build socio-technical systems in and for organizations where people are involved. And, as Professor Sasse noted in a lecture: Attackers are also people. Security is not purely technical, but also something deeply psychological, social, cultural, human. It's good that the HCS Chair illuminates these topics in a witty and engaging way."
Jan Rottmann, bachelor student: "From my point of view, the HCS Chair enriches the ITS course in Bochum, because in addition to technical knowledge, human factors play an important role in IT security. The chair provides new insights into IT security and illuminates the problems from other perspectives and is therefore an enrichment for the research at the Horst Görtz Institute."
Lina Brunken, master ITS: "I am very pleased that the HCS Chair provides the necessary knowledge for the balancing act between technology and psychology at RUB. In this way, students learn the necessary sensitivity for dealing with users."
Pius Ganter: "In many hacker attacks, human error was one of the crucial weak points. The HCS Chair has been reflecting this in the course offerings of our ITS degree program for three years now, helping to give students a holistic view of IT security."
Thore Hendrikson, master graduate: "Because security without usability is useless. - I would like to congratulate HCS on its anniversary and wish the entire team all the best for the future. It's a great team, very helpful and cool. It was a pleasure to write my thesis there!"
Hasan Cavlar, master student: "The HCS Chair complements the ITS studies very well with its lectures. In practice, it is always necessary to include the human factor. A secure system will hardly be used if it is not user-friendly. Therefore, it is important to consider not only security by design but also usability. In addition, experts must also interact with people and exchange information. Here again, many factors from psychology play an important role. The HCS gives us practical insights and helps us to recognize and sustainably solve problems in the successful implementation of IT security."
Muhammed Uyar, bachelor student: "From my point of view, the HCS Chair enriches the ITS course in Bochum, because here you can look at research questions from the consumer's perspective and do not have to explore them from the developer's point of view. In my opinion, it is important to test existing security mechanisms for usability for the user or users in order to achieve better acceptance in later developments."
Tobias Bruns: "In my opinion, the HCS chair enriches the ITS course by many things. Especially for people like me who plan to go in the direction of consulting, it is important to learn how we can then eventually implement the things we learn in theory during the rest of our studies in real companies. The topics discussed in the department's courses are definitely close to reality. Especially the fact that HCS deals with the interlinking from several areas, how this interlinking works in reality is highly exciting for me, as this does not take place to this extent in any other module. The human aspect in combination with data protection and both technical and cryptographic-theoretical topics is, in my opinion, especially relevant for those who are about to move into the working world.”
Jan Günther, master student: "If we want to help people use IT security in everyday life, then we also have to deal with the people. What enrichment does IT security bring if no one uses it? In my eyes, it is not enough that we develop methods that can be used by experts. We must try to integrate security smoothly into everyday processes. Exactly this essential problem is studied at the Chair for Human-Centered Security.
My personal experience during the courses at the chair was positive. I was able to understand practical problems of IT security in more detail and find out, for example, why a cryptographically trivial problem like email encryption is still a real problem today. The chair offers the possibility to get to know a new side of IT security and enriches the studies in many aspects. From my side, congratulations on the anniversary."
Felix Reichmann, master student: "Due to the ever-increasing use of digital devices in our everyday lives, corresponding security mechanisms also play an increasingly important role. In practice, however, it turns out more and more frequently that protective measures are not used by users because basic human factors were not taken into account during development.
The Chair for HCS is researching precisely this problem, thus creating a unique, interdisciplinary collaboration between the fields of IT security and the humanities. The knowledge gained not only strengthens the theoretically available security, but also creates the possibility to increase the practically relevant security level. Further, however, the chair's research not only achieves a direct increase in cybersecurity, but also a change in the perception of IT security by end users. Through better tailored protection measures and an inclusion of human factors in research and development, it is achieved that users no longer perceive IT security as an obstacle to their actual task and thus reduce resistance to necessary measures.
I have attended a wide variety of events held by the department over the past three years and have always noticed an extraordinary level of commitment to the department's own courses and to the students. Regardless of the lecturer, the optimal transfer of knowledge was always in the foreground. I particularly remember the open discussions and the numerous guest lectures. These have led to the most diverse perspectives on a topic and to deal with the positions in detail.
The commitment of the chair was not only evident in the courses, but also during my final thesis. The intensive support by the entire team of the chair contributed to a knowledge boost also outside the classical engineering field and enabled me to work on my research question in an interdisciplinary way. I look forward to future events organized by the chair and wish the team continued success in their research. Thank you for your dedication.”
General note: In case of using gender-assigning attributes we include all those who consider themselves in this gender regardless of their own biological sex.