• Home
  • Rick van der Kleij
Rick van der Kleij

Rick van der Kleij
TNO & Avans University of Applied Sciences

Doctor of Psychology
Cybersecurity is more than just technology and defensive IT support.

About

43
Publications
19,855
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
428
Citations
Introduction
Dr Rick van der Kleij is a psychologist with a keen interest in cybersecurity. In his opinion, cybersecurity must go far beyond implementing new technology. It requires a holistic approach that also considers people, processes, and organizational culture. By focusing on all these critical aspects, organizations can better protect themselves from cyber threats and minimize their potential impact.

Publications

Publications (43)
Preprint
Full-text available
While the importance of designing for user experience has long been acknowledged, there has been relatively little exploration of the actual processes involved in constructing usable and cybersecure systems. In many conventional projects, cybersecurity and usability are not considered primary goals, making them likely candidates for sacrifice in th...
Conference Paper
While the importance of designing for user experience has long been acknowledged, there has been relatively little exploration of the actual processes involved in constructing usable and cybersecure systems. In many conventional projects, cybersecurity and usability are not considered primary goals, making them likely candidates for sacrifice in th...
Data
Translated (to English) questionnaire used in the research. With thanks to Patrick Royster.
Article
People tend to disclose personal identifiable information (PII) that could be used by cyber-criminals against them. Often persuasion techniques are used by cybercriminals to trick people to disclose PII. This research investigates whether people can be made less susceptible to persuasion by reciprocation (i.e., making people feel obligated to retur...
Conference Paper
Full-text available
Cybersecurity controls in the workplace are viewed by many people as a hindrance that results in wasted time. End-users often bypass controls to get their work done and because of this, even the technically most secure systems can become unsecured. One crucial reason for this could be a lack of attention paid to usability factors by the software de...
Conference Paper
In this explorative research social engineering attacks were studied, especially the ones that failed, in order to help organisations to become more resilient. Physical, phone and digital attacks were carried out using a script following the ‘social engineering cycle’. We used the COM-B model of behaviour change, refined by the Theoretical Domains...
Book
Die Kriminalität ist im Wandel. Während sich Täter und Opfer früher in der realen Welt begegnet sind, findet heute vieles im digitalen Bereich statt. Doch das «Einfallstor Mensch» wird im Zuge dieser Entwicklung nicht einfach durch den technischen Fortschritt abgelöst. Vielmehr werden Eigenschaften wie Hilfsbereitschaft oder Gutgläubigkeit ausgenut...
Article
Cybersecurity threat and incident managers in large organizations, especially in the financial sector, are confronted more and more with an increase in volume and complexity of threats and incidents. At the same time, these managers have to deal with many internal processes and criteria, in addition to requirements from external parties, such as re...
Method
Full-text available
The English translation of the questionnaire used in Wave 1 of the Online Behaviour and Victimization Study. See for further details our chapter in "Cybercrime in Context" or contact the authors.
Chapter
The Capability-Opportunity-Motivation-Behavior (COM-B) model states that people’s behavior can be explained by their capabilities, opportunity, motivation, and the interaction between these components. This research focuses on applying the COM-B model to Dutch citizens’ cybersecurity behavior. Data are used from a Dutch cross-sectional online surve...
Chapter
The rise in cybercrime victimization underlines the need to understand how people behave online and how unsafe online behaviour may be related to victimization. Previous studies have often relied on self-reported behaviour or attitudes towards precautionary online behaviour. Studies that measured both actual online behaviour and explanatory factors...
Article
It is widely agreed that technology alone cannot prevent cyber incidents. Organizations often need to rely on the cooperation of employees, for instance to report cyber incidents and to follow security policies. This research article presents a model of how the psychological constructs capability, opportunity and motivation interact to produce empl...
Article
Full-text available
The number of cyberattacks on organizations is growing. To increase cyber resilience, organizations need to obtain foresight to anticipate cybersecurity vulnerabilities, developments, and potential threats. This paper describes a tool that combines state of the art text mining and information retrieval techniques to explore the opportunities of usi...
Chapter
Full-text available
Cybercrime is on the rise. With the ongoing digitization of our society, it is expected that, sooner or later, all organizations have to deal with cyberattacks; hence organizations need to be more cyber resilient. This paper presents a novel framework of cyber resilience, integrating models from resilience engineering and human behavior. Based on a...
Article
Dynamic Positioning (DP) is a computer-controlled process to automatically keep a floating vessel at a specific position or to follow a pre-defined path (tracking) by using its own propellers and thrusters. The human supervisory controller has no direct need to constantly know what the status is of all parts of the automation and the system it is c...
Article
Full-text available
Computer security incident response teams (CSIRTs) respond to a computer security incident when the need arises. Failure of these teams can have far-reaching effects for the economy and national security. CSIRTs often have to work on an ad hoc basis, in close cooperation with other teams, and in time constrained environments. It could be argued tha...
Article
Full-text available
Purpose Detecting deviant behaviours that precede and are related to crimes can help prevent these crimes. Research suggests that the psychological mindset of wrongdoers may differ from others, such that they are more anxious, self‐focussed, and vigilant. As a result, their responses to environmental cues, specifically those that signal risk of exp...
Article
Development of a serious game to improve multidisciplinary cooperation in health and social care Decentralisation of health and social care support for older people and people with chronic conditions makes municipalities and healthcare organisations explore activities beyond their organisational borders. Such an ‘integrated approach’ builds on stro...
Conference Paper
Full-text available
The increasing size and operational complexity of Dynamic Positioning (DP) platforms and the continuous increase in number of DP incidents has driven the need to further improve the safety and reliability of DP operations. A large portion of so-called 'operator error' is explained by increasing automation of operator tasks, pushing bridge teams int...
Conference Paper
Many reasons exist for the military to favor unmanned systems and future missions are envisioned that require longer, more diverse and more frequent deployment of UAVs with increased mission precision. This will also result in a much higher demand on operator crews working with UAVs. With the current pressure on operational budgets, a more effectiv...
Article
New ways of working and knowledge sharing: The role of organizational identification and work autonomy New ways of working and knowledge sharing: The role of organizational identification and work autonomy New ways of working is a way of working and collaborating aimed at improving productivity, work satisfaction, work life balance and competitive...
Article
Full-text available
Resilience is of great importance to teams operating in complex environments, such as command and control teams. Team resilience is the ability of teams to respond to sudden, unanticipated demands for performance quickly and with minimum decrement of performance. The objective of this study was to design and test a training intervention to make tea...
Article
Research on transactive memory has showed the positive effects of training together. This study investigated how feedback and reflection affect transactive memory in settings where there is no time for elaborate team training. Newly formed teams were given accurate, false or no feedback about their individual performance on a prior administration o...
Conference Paper
Full-text available
This study examines the effects of spatial characteristics of meeting rooms on the divergent phase in the creativity process of a group and on the mood states arousal and psychological safety. Thirty participants (12 male and 18 female) were randomly allocated to 10 mixed-gender three-person groups. They performed two creativity tasks in three diff...
Conference Paper
Full-text available
Motivation -- Both multi-team systems and awareness displays have been studied more often in the past years, but there hasn't been much focus on the combination of these two subjects. Apart from doing so, we are particularly interested in the difficulties encountered when multi-team systems are distributed among different locations and how interfac...
Article
The effects of individual differences in map orientation on a location-finding dyadic team task were examined in a controlled experimental setting. Research on maps has been mainly directed at individuals navigating with cartographic maps. An important question remains about how to present information about others' locations to distributed team mem...
Article
Teamwork is important in many organizations. When a task is assigned to a team rather than to an individual, there are several benefits, hence the appealing maxim “two heads are better than one.” Sometimes the job requires bringing people together who are dispersed across different geographical locations to work on a common task using information a...
Article
An experiment evaluated network-aware support to increase understanding of the factors that are important for successful teamwork in mobile geographically dispersed teams of first responders. Participants performed a simulated search and rescue team task and were equipped with a digitized map and real-time situation updates on the location of other...
Article
Full-text available
An experiment compared dyadic performance in a radio communication and a more sophisticated communication environment to face-to-face (FtF) meetings. Thirty-six dyads, working under low or high time-pressure conditions, needed to combine information and to produce a written plan. Teams working in the sophisticated communication environment collabor...
Article
Full-text available
An experiment was conducted to examine how communication patterns and task performance differ as a function of the group's communication environment and how these processes change over time. In a longitudinal design, three-person groups had to select and argue the correct answer out of a set of three alternatives for ten questions. Compared with fa...
Article
Full-text available
Fielded first responders are currently being equipped with support tools to improve their performance and safety. Novel information technology provides opportunities for improvement of task efficiency and situation awareness, but people can get in trouble when data networks fail. In this paper, we examine the effect of glitches in the data network...
Article
Distributed teamwork is not without its difficulties. The detrimental aspects of geographical dispersion of team members on effective teamwork are often invoked to justify reluctance "to go virtual", despite the fact that for some tasks, and under some conditions, distributed environments may be as good as, or perhaps even better than, meeting face...
Article
Full-text available
Contemporary operations are characterised by more local conflicts, more dynamic circumstances and a less predictable enemy. Besides that, commanders must be able to be present at various locations, because of the involvement of different parties. This requires a more agile command post, supporting distributed command and control. A command post wit...
Article
This paper examines team work over time in video-mediated non-collocated and traditional face-to-face same-room teams. In a longitudinal between-groups design, 22 three-person teams were tested in 4 1-h test sessions at 2-week intervals. A paper-folding task was designed for the experiment that had the potential to induce differences in team work u...
Article
Full-text available
This paper examines the conversational process in video-mediated groups as compared to face-to-face groups. In a longitudinal between-groups design, 22 three-person groups were tested in four one-hour test sessions at two-week intervals. In each session, groups had to select and argue the correct answer out of three alternatives from a total of ten...
Chapter
In the context of the active ground defence of Air Force installations and the reconnaissance and disposal of explosives, concepts for a Multi-purpose Armoured vehicle are being studied. This report describes a field experiment of a wheeled wooden mock-up. The main research question was whether the operators can carry out their tasks in a proper wa...

Network

Cited By