The cybersecurity “Perils of Perception”: the Genoa pilot outcomes

In the book The Perils of Perception – why we’re wrong about nearly everything, author Bobby Duffy examines how (and why) people’s perceptions about basics fact of the life are often very wrong.
What about cybersecurity? In the CitySCAPE Project, we had the opportunity to test the perception of people about this matter in the public transportation context and results were quite interesting. In the Genoa pilot of the Project, executed between November 2022 and February 2023, we had organized several public sessions of dissemination and testing targeting different users, namely:
– University students
– School students
– Citizens
– Local institutions and stakeholders
Overall, we involved more than 300 people with different ages, backgrounds and extractions. This allowed us to collect several feedbacks that were poorly biased and were representative of the average population of our passengers. On every organized activity we tried to find how cybersecurity was perceived from the audience as passengers of the public transportation. The first results showed that, except from stakeholders were the specific knowledge biased the responses, the vast majority of the audience was not aware about cybersecurity risks that insist on the public transport infrastructure (about 75%). Trying to be more detailed, we started a discussion to elicit audience’s opinion: by making real examples we tried to find were audience saw higher risks of attack and the linked impacts. Results showed that people’s perception of cybersecurity were mainly linked with what can happen on the personal hand-held devices such as smartphone or laptop, and only sometimes were referred to the actual infrastructure (e.g. displays, audio diffuser, network, etc…). Although this conclusion seemed quite reasonable, we had spent part of our
activities in explaining about these latter specific risks and how a cyber-attack can impact on passengers by means of their day-by-day experience but, also, on their personal safety.
After made this base of knowledge, it was easier to present to them all the solution developed throughout the CitySCAPE project: from the ones “closer” to them (e.g. Mobile App enriched with KMS) to the ones closer to the PTO’s (e.g. RITA, FIMCA, SIEM). Also, another important pilot task was less difficult to implement: getting feedbacks from the users avoiding blank or misleading responses as much as possibile.
To conclude, among all the important pilot outcomes this “Perils of perception” showed us that investment in dissemination and training are more than important in order to raise awareness of people that are usually the first defence against a cyber-attack. This is also true in the public transport context where passengers must be involved, with their “right perception”, in this battle. For this reason, in the CitySCAPE Project we included a special game-based training focused on passengers: we had the opportunity to test it during the pilot and we plan also to enforce its usage in the next months.