Human-Centered Security

How can we proactively anticipate threats in effort to design user experiences that are both safe and usable? Adam describes threat modeling and the role UX designers play in threat modeling exercises.

Show Notes

In this episode, we talk about:
  • Questions you should be asking to uncover information security threats early on in the design process.
  • How to account for human behavior in a structured way as part of threat modeling (spoiler: this is not so different from what you are doing now).
  • How to collaborate with an interdisciplinary team as part of an iterative design process to improve the user experience of security.
Adam Shostack is an expert on threat modeling, having worked at Microsoft and currently running security consultancy Shostack + Associates. He is the author of The New School of Information Security, Threat Modeling: Designing for Security and the forthcoming Threats: What Every Engineer Should Learn From Star Wars. Adam’s YouTube channel has entertaining videos that are also excellent resources for learning about threat modeling.

What is Human-Centered Security?

Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.