Rick van der KleijTNO & Avans University of Applied Sciences
Rick van der Kleij
Doctor of Psychology
Cybersecurity is more than just technology and defensive IT support.
About
43
Publications
19,855
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
428
Citations
Introduction
Dr Rick van der Kleij is a psychologist with a keen interest in cybersecurity. In his opinion, cybersecurity must go far beyond implementing new technology. It requires a holistic approach that also considers people, processes, and organizational culture. By focusing on all these critical aspects, organizations can better protect themselves from cyber threats and minimize their potential impact.
Publications
Publications (43)
While the importance of designing for user experience has long been acknowledged, there has been relatively little exploration of the actual processes involved in constructing usable and cybersecure systems. In many conventional projects, cybersecurity and usability are not considered primary goals, making them likely candidates for sacrifice in th...
While the importance of designing for user experience has long been acknowledged, there has been relatively little exploration of the actual processes involved in constructing usable and cybersecure systems. In many conventional projects, cybersecurity and usability are not considered primary goals, making them likely candidates for sacrifice in th...
Translated (to English) questionnaire used in the research. With thanks to Patrick Royster.
People tend to disclose personal identifiable information (PII) that could be used by cyber-criminals against them. Often persuasion techniques are used by cybercriminals to trick people to disclose PII. This research investigates whether people can be made less susceptible to persuasion by reciprocation (i.e., making people feel obligated to retur...
Cybersecurity controls in the workplace are viewed by many people as a hindrance that results in wasted time. End-users often bypass controls to get their work done and because of this, even the technically most secure systems can become unsecured. One crucial reason for this could be a lack of attention paid to usability factors by the software de...
In this explorative research social engineering attacks were studied, especially the ones that failed, in order to help organisations to become more resilient. Physical, phone and digital attacks were carried out using a script following the ‘social engineering cycle’. We used the COM-B model of behaviour change, refined by the Theoretical Domains...
Die Kriminalität ist im Wandel. Während sich Täter und Opfer früher in der realen Welt begegnet sind, findet heute vieles im digitalen Bereich statt. Doch das «Einfallstor Mensch» wird im Zuge dieser Entwicklung nicht einfach durch den technischen Fortschritt abgelöst. Vielmehr werden Eigenschaften wie Hilfsbereitschaft oder Gutgläubigkeit ausgenut...
Cybersecurity threat and incident managers in large organizations, especially in the financial sector, are confronted more and more with an increase in volume and complexity of threats and incidents. At the same time, these managers have to deal with many internal processes and criteria, in addition to requirements from external parties, such as re...
The English translation of the questionnaire used in Wave 1 of the Online Behaviour and Victimization Study.
See for further details our chapter in "Cybercrime in Context" or contact the authors.
The Capability-Opportunity-Motivation-Behavior (COM-B) model states that people’s behavior can be explained by their capabilities, opportunity, motivation, and the interaction between these components. This research focuses on applying the COM-B model to Dutch citizens’ cybersecurity behavior. Data are used from a Dutch cross-sectional online surve...
The rise in cybercrime victimization underlines the need to understand how people behave online and how unsafe online behaviour may be related to victimization. Previous studies have often relied on self-reported behaviour or attitudes towards precautionary online behaviour. Studies that measured both actual online behaviour and explanatory factors...
It is widely agreed that technology alone cannot prevent cyber incidents. Organizations often need to rely on the cooperation of employees, for instance to report cyber incidents and to follow security policies. This research article presents a model of how the psychological constructs capability, opportunity and motivation interact to produce empl...
The number of cyberattacks on organizations is growing. To increase cyber resilience, organizations need to obtain foresight to anticipate cybersecurity vulnerabilities, developments, and potential threats. This paper describes a tool that combines state of the art text mining and information retrieval techniques to explore the opportunities of usi...
Cybercrime is on the rise. With the ongoing digitization of our society, it is expected that, sooner or later, all organizations have to deal with cyberattacks; hence organizations need to be more cyber resilient. This paper presents a novel framework of cyber resilience, integrating models from resilience engineering and human behavior. Based on a...
Dynamic Positioning (DP) is a computer-controlled process to automatically keep a floating vessel at a specific position or to follow a pre-defined path (tracking) by using its own propellers and thrusters. The human supervisory controller has no direct need to constantly know what the status is of all parts of the automation and the system it is c...
Computer security incident response teams (CSIRTs) respond to a computer security incident when the need arises. Failure of these teams can have far-reaching effects for the economy and national security. CSIRTs often have to work on an ad hoc basis, in close cooperation with other teams, and in time constrained environments. It could be argued tha...
Purpose
Detecting deviant behaviours that precede and are related to crimes can help prevent these crimes. Research suggests that the psychological mindset of wrongdoers may differ from others, such that they are more anxious, self‐focussed, and vigilant. As a result, their responses to environmental cues, specifically those that signal risk of exp...
Development of a serious game to improve multidisciplinary cooperation in health and social care
Decentralisation of health and social care support for older people and people with chronic conditions makes municipalities and healthcare organisations explore activities beyond their organisational borders. Such an ‘integrated approach’ builds on stro...
The increasing size and operational complexity of Dynamic Positioning (DP) platforms and the continuous increase in number of DP incidents has driven the need to further improve the safety and reliability of DP operations. A large portion of so-called 'operator error' is explained by increasing automation of operator tasks, pushing bridge teams int...
Many reasons exist for the military to favor unmanned systems and future missions are envisioned that require longer, more diverse and more frequent deployment of UAVs with increased mission precision. This will also result in a much higher demand on operator crews working with UAVs. With the current pressure on operational budgets, a more effectiv...
New ways of working and knowledge sharing: The role of organizational identification and work autonomy
New ways of working and knowledge sharing: The role of organizational identification and work autonomy
New ways of working is a way of working and collaborating aimed at improving productivity, work satisfaction, work life balance and competitive...
Resilience is of great importance to teams operating in complex environments, such as command and control teams. Team resilience is the ability of teams to respond to sudden, unanticipated demands for performance quickly and with minimum decrement of performance. The objective of this study was to design and test a training intervention to make tea...
Research on transactive memory has showed the positive effects of training together. This study investigated how feedback and reflection affect transactive memory in settings where there is no time for elaborate team training. Newly formed teams were given accurate, false or no feedback about their individual performance on a prior administration o...
This study examines the effects of spatial characteristics of meeting rooms on the divergent phase in the creativity process
of a group and on the mood states arousal and psychological safety. Thirty participants (12 male and 18 female) were randomly
allocated to 10 mixed-gender three-person groups. They performed two creativity tasks in three diff...
Motivation -- Both multi-team systems and awareness displays have been studied more often in the past years, but there hasn't been much focus on the combination of these two subjects. Apart from doing so, we are particularly interested in the difficulties encountered when multi-team systems are distributed among different locations and how interfac...
The effects of individual differences in map orientation on a location-finding dyadic team task were examined in a controlled experimental setting.
Research on maps has been mainly directed at individuals navigating with cartographic maps. An important question remains about how to present information about others' locations to distributed team mem...
Teamwork is important in many organizations. When a task is assigned to a team rather than to an individual, there are several
benefits, hence the appealing maxim “two heads are better than one.” Sometimes the job requires bringing people together who
are dispersed across different geographical locations to work on a common task using information a...
An experiment evaluated network-aware support to increase understanding of the factors that are important for successful teamwork in mobile geographically dispersed teams of first responders. Participants performed a simulated search and rescue team task and were equipped with a digitized map and real-time situation updates on the location of other...
An experiment compared dyadic performance in a radio communication and a more sophisticated communication environment to face-to-face (FtF) meetings. Thirty-six dyads, working under low or high time-pressure conditions, needed to combine information and to produce a written plan. Teams working in the sophisticated communication environment collabor...
An experiment was conducted to examine how communication patterns and task performance differ as a function of the group's communication environment and how these processes change over time. In a longitudinal design, three-person groups had to select and argue the correct answer out of a set of three alternatives for ten questions. Compared with fa...
Fielded first responders are currently being equipped with support tools to improve their performance and safety. Novel information technology provides opportunities for improvement of task efficiency and situation awareness, but people can get in trouble when data networks fail. In this paper, we examine the effect of glitches in the data network...
Distributed teamwork is not without its difficulties. The detrimental aspects of geographical dispersion of team members on effective teamwork are often invoked to justify reluctance "to go virtual", despite the fact that for some tasks, and under some conditions, distributed environments may be as good as, or perhaps even better than, meeting face...
Contemporary operations are characterised by more local conflicts, more dynamic circumstances and a less predictable enemy. Besides that, commanders must be able to be present at various locations, because of the involvement of different parties. This requires a more agile command post, supporting distributed command and control. A command post wit...
This paper examines team work over time in video-mediated non-collocated and traditional face-to-face same-room teams. In a longitudinal between-groups design, 22 three-person teams were tested in 4 1-h test sessions at 2-week intervals. A paper-folding task was designed for the experiment that had the potential to induce differences in team work u...
This paper examines the conversational process in video-mediated groups as compared to face-to-face groups. In a longitudinal between-groups design, 22 three-person groups were tested in four one-hour test sessions at two-week intervals. In each session, groups had to select and argue the correct answer out of three alternatives from a total of ten...
In the context of the active ground defence of Air Force installations and the reconnaissance and disposal of explosives, concepts for a Multi-purpose Armoured vehicle are being studied. This report describes a field experiment of a wheeled wooden mock-up. The main research question was whether the operators can carry out their tasks in a proper wa...