The research by our group focuses on addressing the following three key research areas and their interconnections:

  • Cybersecurity Threat Mitigation
  • Social-Engineering/Human Factor in Cybersecurity
  • User-Authentication

 

Overview

Figure 1: Cybersecurity LandscapeCybersecurity threats and vulnerabilities are causing substantial financial losses for individuals, organizations, and government agencies all over the world. Such cybersecurity landscape can be classified under three major pillars: (a) technology/system, (b) human-computer, and (c) socio-political-organizational (See Figure 1). One of the weakest links in the cybersecurity chain has to do with the individuals who are using and protecting such systems.

Levy CyLab Focuses on Human Factor in Cybersecurity

The focus of the Levy CyLab research group is to work on diverse projects related to the human-centric lens (also known as "Human Factor in Cybersecurity") of all three cybersecurity landscape pillars. In the technology/systems pillar, user-authentication has long been a challenge due to the overuse of passwords and the ease at which they can be guessed or cracked along with increased password entropy that impacts employee productivity. In the human-computer pillar, employees’ mistakes, human error, falling to social engineering and phishing attacks due to low cybersecurity awareness, knowledge, competencies, skills, and what is known by the 2002 Nobel Prize Laureate, Princeton University's Professor Daniel Kahneman as “System 1” thinking (or what we call “oh shoot syndrome”) represent the majority of cybersecurity threats to organizations. Moreover, non-IT employees have a low awareness of the magnitude of cybersecurity threats and their impact on organizations, government, and society. On the other hand, increasing complexity for computer systems due to demands for heightened security can cause frustration, resistance, and lower productivity. In the socio-political-organizational pillar, identity theft, social engineering, phishing, and insider threats are on the rise, which poses imminent threats to the reputation as well as the financial stability of individuals, organizations, governments, and societies. 

Innovations

Our research focuses on all three cybersecurity pillars by (a) the development of novel approaches to improve user authentication including their role in reducing organizational cyber risk; (b) the development of innovative tools to measure cybersecurity skills and reduction of human errors related to cybersecurity; as well as (c) development of state-of-the-art tools to identify insider-threats, programs to help mitigation of social engineering, phishing attacks, and other cyber threats, along with the protection of privacy and corporate intellectual property, threat mitigation and cybersecurity risk management analysis. Over the last 16 years, the Levy CyLab research group has published over 56 papers in refereed publications, one patent application, seven grants awarded (one internal grant awarded by NSU's Presidents' Research, six external DoD awarded since 2019), six external gifts, and over 30 doctoral students have completed their dissertation research in these areas of cybersecurity.

Research Areas

Our current work continues to focus on the human-centric lens (human factor) of all three cybersecurity pillars with increased emphasis on the development of state-of-the-art tools and prototype applications to assist in the measurement of cybersecurity skills, human errors, identify insider threats, cybersecurity hygiene, along with experimental studies to assist organizations with Business E-mail Compromise (BEC), social engineering and phishing, cyber threat mitigation, improve business continuity plans, resilience, and general cybersecurity risk management.

Cybersecurity Threat Mitigations and Prevention

  • Supply chain cybersecurity
  • Assessment of cybersecurity skills, competencies, and awareness among employees/individuals
  • Detecting identity theft and privacy threat vectors
  • Cyber risk management and resilience
  • Increasing collaboration with Federal Law Enforcement agencies on cyber incidents 

Social Engineering/Human Factor in Cybersecurity

  • Supply chain cybersecurity
  • Assessment of cybersecurity skills, competencies, and awareness among employees/individuals 
  • Detecting identity theft and privacy threat vectors
  • Cyber risk management and resilience
  • Increasing collaboration with Federal Law Enforcement agencies on cyber incidents 

User Authorization

  • Supply chain cybersecurity
  • Assessment of cybersecurity skills, competencies, and awareness among employees/individuals
  • Detecting identity theft and privacy threat vectors
  • Cyber risk management and resilience
  • Increasing collaboration with Federal Law Enforcement agencies on cyber incidents 

Give to the CyLab

For contributions to our efforts, please: 
Visit the Nova Southeastern University Gift and Donations page
1. Under "Gift Area" - select "College of Computing and Engineering"
2. Under "Gift Donation" - select "Other"
3. Please specify by typing - "For Levy CyLab"

Thank you for the generous contribution!

Principal Investigator (PI)

Current Ph.D. Students and Projects

   
Brian Bisceglia Brian Bisceglia, Ph.D. Candidate 
Dissertation title: "An Empirical Assessment on the Role of Persuasion Principles and Cybersecurity Skills Training on Senior Citizens' SMiShing Susceptibility"
bb1704 AT mynsu.nova.edu

Christopher P. Collins Christopher Collins, Ph.D. Student 
Dissertation title: "Development of a Phishing Risk Exposure Taxonomy on Mobile Devices in the Healthcare Industry"
cc2409 AT mynsu.nova.edu
Juan Madrid Juan Madrid, Ph.D. Candidate 
Dissertation title: "Development of the Password Alleviating Abstraction, Remembering and Strength (PALAbRas) Method"
jm2249 AT mynsu.nova.edu
Luke Nabozny Luke Nabozny, Ph.D. Student 
Dissertation title: "Identification and Quantification of the Cybersecurity Footprint in Defense Industrial Base Organizations"
ln604 AT mynsu.nova.edu
Luis Riano Luis F. Riano, Ph.D. Student 
Dissertation title: "Empirical Assessment of Distribution Channel Cybersecurity Footprint for Small to Medium-Sized Businesses in the Last-Mile Logistics Industry"
lr336 AT mynsu.nova.edu
Dariusz Witko Dariusz Witko, Ph.D. Student 
Dissertation title: "Empirical Assessment of Cybersecurity Competencies Through Human-Guided Generative Artificial Intelligence (GenAI)"
dw1272 AT mynsu.nova.edu

 

Past Interns/Undergraduate Students/Graduate and Projects

Emily Africk Emily Africk, Undergraduate Intern (2018-2021)
Project title: "An examination of historic data breach incidents: What cybersecurity big data visualization and analytics can tell us?"
Oriana Ricci Oriana Ricci, Graduate Assistant & Student - MS in Cybersecurity Management (2021-2023)
Project title: "CyberSecurity, Professional training, And Research in Computing (CyberSPARC) at NSU" (DoD Funded)

   

Alumni and Past Projects

Amy Antonucci Amy Antonucci, Ph.D. - Western Governors University
Dissertation title (2021): "Pause for a Cybersecurity Cause: Assessing the Influence of a Waiting Period on User Habituation in Mitigation of Phishing Attacks"
Shahar (Sean) Aviv Shahar (Sean) Aviv, Ph.D. - ExcelNet.com 
Dissertation title (2019): "An Examination of User Detection of Business Email Compromise Amongst Corporate Professionals"
Patricia Baker Patricia Baker, Ph.D. 
Dissertation title: "A Universal Cybersecurity Competency Framework for Organizational Users"
Robert R. Batie Robert R. Batie, Ph.D. - Modern Technology Solutions, Inc. (MTSI)
Dissertation title (2016): "Assessing the Effectiveness of a Fingerprint Biometric and a Biometric Personal Identification Number (BIO-PIN) as a Multi-Factor Authentication Mechanism"
Shauna Beaudin Shauna Beaudin, Ph.D. - Southern New Hampshire University
Dissertation title (2017): "An empirical study of authentication methods to secure e-learning system activities against impersonation fraud"
Carlene Blackwood-Brown Carlene Blackwood-Brown, Ph.D. - Seneca College of Applied Arts and Technology & Sheridan College
Dissertation title (2018): "An empirical assessment of senior citizens’ cybersecurity awareness, motivation to pursue training, and perceived risk of identity theft"
Sandra Blanke Sandra J. Blanke, Ph.D. - Associate Professor, University of Dallas
Dissertation title (2008): "A study of the contributions of attitude, computer security policy awareness, and computer self-efficacy to the employees' computer abuse intention in business environments"
Shonda Brown Shonda D. Brown, Ph.D. - CIGNA Healthcare 
Dissertation title (2015): "An information privacy examination of the practices of pharmaceutical companies regarding use of information collected through their Websites"
Melissa Carlton Melissa Carlton, Ph.D. - Associate Professor, Lindsey Wilson College
Dissertation title (2016): "Development of a cybersecurity skills index: A scenarios-based, hands-on measure of non-IT professionals’ cybersecurity skills"
  MinSuk Choi, Ph.D.
Dissertation title (2013): "Assessing the role of user computer self-efficacy, cybersecurity countermeasures awareness, and cybersecurity skills toward computer misuse intention at government agencies"
Karla Clarke Karla Clarke, Ph.D. - KPMG Cybersecurity Consulting - Middle Georgia State University 
Dissertation title (2018): "Novel alert visualization: The development of a visual analytics prototype for mitigation of malicious insiders cyber threat"

Marlon Clarke Marlon Clarke, Ph.D. - Director of IT Security - MagicLeap
Dissertation title (2010): "The role of self-efficacy in computer security behavior: Developing the construct of computer security self-efficacy (CSSE)"
Molly Cooper Molly Cooper, Ph.D. - Associate Professor - Ferris State University 
Dissertation title (2021): "Assessment of Audio and Visual Warnings to Mitigate Risk of Phishing Attacks"
Javier Coto Javier Coto, Ph.D. (Posthumous Degree, RIP) - Miami-Dade College
Dissertation title (2022): "An Empirical Investigation of Static and Polymorphic Tactile Stimuli’s Effect on Habituation to Mitigate Malware Attack Vector" 
Gabriel Cornejo Gabriel Cornejo, Ph.D. - DoD 
Dissertation title (2021): "Human Errors in Data Breaches: An Exploratory Configurational Analysis"
  Theon Danet, Ph.D. - SRA International
Dissertation title (2006): "A study of the impact of users' involvement, resistance, and computer self-efficacy on the success of a centralized identification system implementation"
Keiona Davis Keiona Davis, Ph.D. 
Dissertation title (2020): "The Role of Cybersecurity Responsibility in Small to Medium Enterprises (SMEs) on Risk of Point-of-Sale (POS) Data Breach"
John del Vecchio headshot
John Del Vecchio, Ph.D. - AHF Products 
Dissertation title (2024): "Development of Cybersecurity Footprint Index for Manufacturing Companies to Assess Organizational Cyber Posture" (NSA Funded)
Darrell Eilts Darrell Eilts, Ph.D. - Hancock Whitney and Loyola University New Orleans
Dissertation title (2020): "An Empirical Assessment of Cybersecurity Readiness and Resilience in Small Businesses"
Abbe E. Forman Abbe E. Forman, Ph.D. - ECPI University
Dissertation title (2009): "An exploratory study on the factors associated with ethical intention of digital piracy"
Munther Ghazawneh Munther Ghazawneh, Ph.D. - Deloitte
Dissertation title (2024): "Assessing Organizational Investments in Cybersecurity and Financial Performance Before and After Data Breach Incidents of Cloud SaaS Platforms"
Jodi Goode Jodi Goode, Ph.D. - Howard Payne University - CIO
Dissertation title (2018): "Comparing training methodologies on employee’s cybersecurity awareness and skills in traditional and socio-technical programs" 
Robert J. Hambly Robert J. Hambly, Ph.D. - Defense Media Activity (DMA)
Dissertation title (2016): "An empirical investigation of the willingness of US intelligence community analysts to contribute knowledge to a Knowledge Management System (KMS) in a highly classified and sensitive environment"
Wilnelia Hernandez Wilnelia Hernandez, Ph.D. - Independent Consultant, Puerto Rico
Dissertation title (2016): "An empirical assessment of employees cyberslacking in the public sector"
Angel Hueca Angel Hueca, Ph.D. - CERT US and Northeastern University
Dissertation title (2018): "Development and validation of a proof-of-concept for malicious cybersecurity insider threats alerting system utilizing analytics-based visualization in real-time"
Kenrie Hylton Kenrie Hylton, Ph.D. - Northern Caribbean University
Dissertation title (2012): "An experiment using Webcam-based surveillance to deter information systems misuse"
  Okay Igbonagwam, Ph.D. - Saint Leo University and Lockheed Martin
Dissertation title (2008): "The contribution of security clearance, users’ involvement, and computer self-efficacy in the efficiency of requirements-gathering process: An information-systems case study in the U.S. military"
Emmanuel Jigo Emmanuel Jigo, Ph.D.
Dissertation title (2020): "Development of Criteria for Mobile Device Cybersecurity Threat Classification and Communication Standard using Labels, Pictogram, as well as Safety Data Sheets"
  Gerald D. Johnson, Ph.D. 
Dissertation title (2012): "Development of an audit classification index (ACI) for federal e-learning systems security vulnerabilities"
Ariel Luna Ariel Luna, Ph.D. - Microsoft 
Dissertation title (2024): "Empirical Assessment of Remote Workers’ Cyberslacking and Computer Security Posture to Assess Organizational Cybersecurity Risks"
Joseph Marnell Joseph Marnell, Ph.D. - Wayland Baptist University
Dissertation title (2016): "An empirical investigation of factors effecting resistance to use multi-factor authentication systems in public-access environments"
Herb J. Mattord Herb J. Mattord, Ph.D. - Kennesaw State University
Dissertation title (2012): "Assessment of Web-based authentication methods in the U.S.: Comparing e-learning systems to Internet healthcare information systems"
Stephen Mujeye Stephen Mujeye, Ph.D. - Illinois State University
Dissertation title (2016): "An experimental study on the role of password strength and cognitive load on employee productivity"
Richard Nilsen Richard Nilsen, Ph.D. - DoD and Middle Georgia State University 
Dissertation title (2017): "Measuring cybersecurity competency: An exploratory investigation of the cybersecurity knowledge, skills, and abilities necessary for organizational network access privileges"
Guillermo (Will) Perez Guillermo (Will) Perez, Ph.D. - Royal Caribbean Cruises 
Dissertation title (2019): "Cyber situational awareness and cyber curiosity taxonomy for understanding susceptibility of social engineering attacks in the maritime industry"
Tommy Pollock Tommy Pollock, Ph.D. - National Defense University (NDU)
Dissertation title (2022): "Experimental Study to Assess the Role of Environment and Device Type on the Success of Social Engineering Attacks: The Case of Judgment Errors"
Michael Rooney Michael Rooney, Ph.D. - DoD 
Dissertation title (2023): "An empirical assessment of the use of password workarounds and the cybersecurity risk of data breaches"
Chris Scott Jackie (Chris) Scott, Ph.D. -  AirSculpt Technologies
Dissertation title (2023): "Comparing social engineering prevention methods and their tole on successful malicious emails in corporations"
Garrett Smiley Garrett Smiley, Ph.D. - Serco and Northcentral University
Dissertation title (2013): "Investigating the role of multibiometric authentication on professional certification e-examination"
Joshua D. Stalker Joshua D. Stalker, Ph.D. - ASRC Federal 
Dissertation title (2012): "A reading preference and risk taxonomy for printed proprietary information compromise in the aerospace and defense industry"
Raymond Wells Raymond Wells, Ph.D. - The College of The Bahamas and Bahamas National Insurance Board
Dissertation title (2012): "An empirical assessment of factors contributing to individuals’ propensity to commit software piracy in The Bahamas"
William Shawn Wilkerson William Shawn Wilkerson, Ph.D.  
Dissertation title (2021): "Development of a Social Engineering Exposure Index using Open Source Personal Information"

Updated: November 15, 2024