Overview

Attendees will learn about the cognitive and social aspects involved in the interaction of different stakeholders (adversaries, defenders, and end-users) in different cybersecurity situations. We will present students with the human cognitive and social challenges that defenders, end-users, and adversaries confront in the area of cybersecurity. This course will allow students to think of new and more effective ways to design defense strategies for our computer systems that consider the cognitive and social factors involved in cybersecurity.

Sample instructor(s)

Cleotilde Gonzalez

Duration

3, 6, 9, or 12 hours.

Customizable?

Yes, this course can be tailored towards professionals with more of a technology background, or more of a policy background. The 3-hour version of the course will provide a high-level overview and focus on a subset of course topics, while the 12-hour version will cover all listed topics and include interactive activities for hands-on learning.

In-person or remote

Remote, in-person, pre-recorded sections, hybrid, etc.

Intended audience

This course is meant for professionals with technical backgrounds who wish to learn about the cognitive and social aspects of cybersecurity.

Takeaways

  • Understand the cognitive and social aspects that influence decisions in cybersecurity by adversaries, defenders, and end-users.
  • Think of new and more effective ways to design defense strategies for our computer systems using cognitive and social strategies.
  • Understand the role of cognitive models in cyber defense.

Course topics

  • Introduction to Cognitive and Social aspects that Influence Cybersecurity
    • Humans: defender, end user, and attacker roles
    • Memory and Cognitive Biases
    • Decision Making and Decisions from Experience
  • Psychology of Phishing
    • Act as a phisher: design a phishing campaign
    • Detection of phishing emails: successes and failures
    • Cognitive Psychology guidelines for phishing training
  • Behavioral Game Theory
    • Distribution of limited defense resources: honeypots and beyond
    • Attacker behavior against optimal and adaptive defense algorithms
  • The Psychology of Cyber Deception
    • Deception, its origins and uses in the cyber world
    • Signaling theory: How to deceive an attacker through signals
    • Find a treasure!: act as an attacker in a simple deceptive game
    • The inside-attacker game
  • Cognitive models: replicating human behavior with computational models
    • Brief introduction to instance-based models of adversaries and defenders
    • Examples of cognitive models of attacker behavior

Prerequisites

A basic understanding of IT and Psychology (cognitive and behavioral science) is preferred, but not required. 

Materials

Copies of presentations and relevant papers will be provided to participants.

Contact us

To learn about our custom programs and any upcoming open enrollments, reach out to Michael Lisanti.