Fairy Tales and Firewalls: Bridging Myths with Modern Security

Cybersecurity is complicated; weird acronyms, massive risks and arcane skills. How do we teach or learn about cybersecurity in human ways? In this episode of SecureTalk, host Justin Beals is joined by cybersecurity researcher Luca Viganò to discuss his innovative approach to demystifying cybersecurity concepts using fairy tales. Luca shares his passion for making cybersecurity accessible to both experts and the general public by employing storytelling techniques. Key topics include multifactor authentication, explained through 'Cinderella' and password security inspired by 'Alibaba and the 40 Thieves.' Luca's insights are based on his acclaimed article 'Cyber Security of Fairy Tales.' This episode provides a fresh perspective on engaging non-expert stakeholders and underlines the importance of a social-technical approach to cybersecurity. 00:00 Introduction to SecureTalk 00:34 Host's Background and Passion for Storytelling 03:07 Introducing Luca Vigano 04:49 Luca's Journey in Cybersecurity 06:47 The Power of Storytelling in Teaching Security 08:10 Fairy Tales and Cybersecurity 18:43 Cinderella and Multi-Factor Authentication 34:06 Alibaba and the 40 Thieves: Lessons in Security 40:30 Show vs. Tell in Security Education 44:39 Future Work and Conclusion Article: Luca Viganò, The cybersecurity of fairy tales, Journal of Cybersecurity, Volume 10, Issue 1, 2024, tyae005, https://doi.org/10.1093/cybsec/tyae005