Search results

This study aimed to investigate how honest participants perceived an attacker to be during shoulder surfing scenarios that varied in terms of which Principle of Persuasion in Social Engineering (PPSE) was used, whether perceived honesty changed as scenarios progressed, and whether any changes were greater in some scenarios than others.

Participants read one of six shoulder surfing scenarios. Five depicted an attacker using one of the PPSEs. The other depicted an attacker using as few PPSEs as possible, which served as a control condition. Participants then rated perceived attacker honesty.

The results revealed honesty ratings in each condition were equal during the beginning of the conversation, participants in each condition perceived the attacker to be honest during the beginning of the conversation, perceived attacker honesty declined when the attacker requested the target perform an action that would afford shoulder surfing, perceived attacker honesty declined more when the Distraction and Social Proof PPSEs were used, participants perceived the attacker to be dishonest when making such requests using the Distraction and Social Proof PPSEs and perceived attacker honesty did not change when the attacker used the target’s computer.

To the best of the authors’ knowledge, this experiment is the first to investigate how persuasion tactics affect perceptions of attackers during shoulder surfing attacks. These results have important implications for shoulder surfing prevention training programs and penetration tests.

The purpose of this paper is to present results of an action research addressing climate change adaptation of selected social housing stock in the UK. Climate change continues to pose major challenges to those responsible for the management of built assets. The adaptation required to address long-term building performance affected by climate change rarely get prioritised above more immediate, short-term needs (general built asset management needs).

The study adopts an in-depth participatory action research with a London-based social landlord and integrates climate change adaptation framework and performance-based model established through author’s previous research projects.

A staged process for including adaptation measures in built asset management strategy is developed along with metrics to analyse the performance of the housing stock against climate change impact of flooding. The prioritisation of adaptation measure implementation into long-term built asset management plans was examined through cost-based appraisal.

The research was carried out with a singular organisation, already acquainted with potential climate change impact, vulnerability and adaptive capacity assessment. The process adopted will differ for similar organisation in the sector with different settings and limited working knowledge of climate change impact assessment.

The paper concludes with a ten-step process developed as an aide memoir to guide social landlords through the climate change adaptation planning process.

In addition to the practical results from the study, the paper outlines a novel process that integrates resilience concepts, risk framing (to climate change impact) and performance management into built asset management (maintenance and refurbishment) planning.

This paper aims to identify key performance indicators (KPIs), and their corresponding attributes, required to successfully manage asset management sustainably in a built environment context. Improving the sustainability of existing housing stock is a major challenge facing the UK social housing sector. There is a lack of support to navigate the growing and often incongruent information relating to sustainable development and how to operationalise it. The problem is twofold; first, the current (single criterion) condition-based approach to maintenance planning constrains asset managers and does not fully address the social, environmental and economic aspects of sustainability. Second, the toolkits available for assessing the sustainability of housing are often generic and are time consuming and expensive to implement.

This paper reports the findings of a participatory research project with a leading London-based housing association, using a series of landlord and tenant workshops to derive a set of attributes associated with KPIs to fully reflect the local requirements of the landlord and their interpretation of the sustainability agenda. Five KPIs are considered to be measurable, directly affected by maintenance work and independent of each other were identified by this landlord (comfort, running costs, adaptability, maintenance costs and community).

The resulting outputs, in a policy context, will provide a clear route map to social housing landlords of how to improve the sustainability of their housing stock with the additional benefits of addressing fuel poverty and carbon emission targets, whilst at the same time, help create and maintain housing in which people want to live.

The proposed approach is flexible enough to incorporate the individual requirements of landlords and be able to adapt to changes in government policy (local and central) in a timely, robust, transparent and inclusive format.

This paper aims to investigate how digital capabilities associated with building information modelling (BIM) can integrate a wide range of information to improve built asset management (BAM) decision-making during the in-use phase of hospital buildings.

A comprehensive document analysis and a participatory case study was undertaken with a regional NHS hospital to review the type of information that can be used to better inform BAM decision-making to develop a conceptual framework to improve information use during the health-care BAM process, test how the conceptual framework can be applied within a BAM division of a health-care organisation and develop a cloud-based BIM application.

BIM has the potential to facilitate better informed BAM decision-making by integrating a wide range of information related to the physical condition of built assets, resources available for BAM and the built asset’s contribution to health-care provision within an organisation. However, interdepartmental information sharing requires a significant level of time and cost investment and changes to information gathering and storing practices within the whole organisation.

This research demonstrated that the implementation of BIM during the in-use phase of hospital buildings is different to that in the design and construction phases. At the in-use phase, BIM needs to integrate and communicate information within and between the estates, facilities division and other departments of the organisation. This poses a significant change management task for the organisation’s information management systems. Thus, a strategically driven top-down organisational approach is needed to implement BIM for the in-use phase of hospital buildings.

Nonexperts do not always follow the advice in cybersecurity warning messages. To increase compliance, it is recommended that warning messages use nontechnical language, describe how the cyberattack will affect the user personally and do so in a way that aligns with how the user thinks about cyberattacks. Implementing those recommendations requires an understanding of how nonexperts think about cyberattack consequences. Unfortunately, research has yet to reveal nonexperts’ thinking about cyberattack consequences. Toward that end, the purpose of this study was to examine how nonexperts think about cyberattack consequences.

Nonexperts sorted cyberattack consequences based on perceived similarity and labeled each group based on the reason those grouped consequences were perceived to be similar. Participants’ labels were analyzed to understand the general themes and the specific features that are present in nonexperts’ thinking.

The results suggested participants mainly thought about cyberattack consequences in terms of what the attacker is doing and what will be affected. Further, the results suggested participants thought about certain aspects of the consequences in concrete terms and other aspects of the consequences in general terms.

This research illuminates how nonexperts think about cyberattack consequences. This paper also reveals what aspects of nonexperts’ thinking are more or less concrete and identifies specific terminology that can be used to describe aspects that fall into each case. Such information allows one to align warning messages to nonexperts’ thinking in more nuanced ways than would otherwise be possible.

This study aims to examine how social engineers use persuasion principles during vishing attacks.

In total, 86 examples of real-world vishing attacks were found in articles and videos. Each example was coded to determine which persuasion principles were present in that attack and how they were implemented, i.e. what specific elements of the attack contributed to the presence of each persuasion principle.

Authority (A), social proof (S) and distraction (D) were the most widely used persuasion principles in vishing attacks, followed by liking, similarity and deception (L). These four persuasion principles occurred in a majority of vishing attacks, while commitment, reciprocation and consistency (C) did not. Further, certain sets of persuasion principles (i.e. authority, distraction, liking, similarity, and deception and social proof; , authority, commitment, reciprocation, and consistency, distraction, liking, similarity and deception, and social proof; and authority, distraction and social proof) were used more than others. It was noteworthy that despite their similarities, those sets of persuasion principles were implemented in different ways, and certain specific ways of implementing certain persuasion principles (e.g. vishers claiming to have authority over the victim) were quite rare.

To the best of authors’ knowledge, this study is the first to investigate how social engineers use persuasion principles during vishing attacks. As such, it provides important insight into how social engineers implement vishing attacks and lays a critical foundation for future research investigating the psychological aspects of vishing attacks. The present results have important implications for vishing countermeasures and education.

Recent earthquake-induced liquefaction events and associated losses have increased researchers’ interest into liquefaction risk reduction interventions. To the best of the authors’ knowledge, there was no scholarly literature related to an economic appraisal of these risk reduction interventions. The purpose of this paper is to investigate the issues in applying cost–benefit analysis (CBA) principles to the evaluation of technical mitigations to reduce earthquake-induced liquefaction risk.

CBA has been substantially used for risk mitigation option appraisal for a number of hazard threats. Previous literature in the form of systematic reviews, individual research and case studies, together with liquefaction risk and loss modelling literature, was used to develop a theoretical model of CBA for earthquake-induced liquefaction mitigation interventions. The model was tested using a scenario in a two-day workshop.

Because liquefaction risk reduction techniques are relatively new, there is limited damage modelling and cost data available for use within CBAs. As such end users need to make significant assumptions when linking the results of technical investigations of damage to built-asset performance and probabilistic loss modelling resulting in many potential interventions being not cost-effective for low-impact disasters. This study questions whether a probabilistic approach should really be applied to localised rapid onset events like liquefaction, arguing that a deterministic approach for localised knowledge and context would be a better base for the cost-effectiveness mitigation interventions.

This paper makes an original contribution to literature through a critical review of CBA approaches applied to disaster mitigation interventions. Further, this paper identifies challenges and limitations of applying probabilistic based CBA models to localised rapid onset disaster events where human losses are minimal and historic data is sparse; challenging researchers to develop new deterministic based approaches that use localised knowledge and context to evaluate the cost-effectiveness of mitigation interventions.

This study examines the relative efficacy of groups in both virtual and traditional face-to-face courses, as well as differences in group dynamics between the two delivery methods. We surveyed students in online and traditional classroom sections of the same intermediate-level cost accounting course about their perceptions of group processes, general satisfaction with group work, learning outcomes, and group communications. Traditional classroom students were more positive about their group processes and learning outcomes than were online students. They also were more likely to agree that the learning benefits of group work outweighed the costs, (e.g., uneven and inefficient work distribution.) Our findings suggest that instructors who use groups in online courses should specifically consider the potentially negative effects of such factors as workload imbalances when designing group learning activities so that learning objectives are not adversely affected.

This paper aims to explore the preparedness of a UK Registered Social Landlord (RSL) for current and future flooding. It examines the understanding of vulnerability, resilience and adaptive capacity amongst senior managers responsible for approximately 4,000 homes and tests the organisation's contingency planning against a range of flood scenarios. The paper then examines the problems of integrating future adaptation plans into built asset management strategies.

Analysis of existing datasets, field surveys, workshops, formal meetings, document analysis and semi-structured interviews were used to develop and test the impact of a series of flooding scenarios on the physical performance of the organisation's domestic properties and on the effectiveness of their contingency/adaptation plans.

Whilst individuals within the RSL had a broad understanding of vulnerability and resilience to flooding; and the organisation possessed the management attributes normally associated with enhanced adaptive capacity, they had misunderstood the potential flooding threats and had a false sense of security in their level of preparedness. The RSL also lacked the data to develop effective adaptation plans as part of their built asset management strategy.

This paper seeks to examine the vulnerability, resilience and adaptive capacity of UK social housing to climate change at the portfolio level. The paper should inform landlords, policy makers and researchers.