Iacovos Kirlappos

PhD Student

UCL SECReT Doctoral Training Centre


Research Interests

I am working on improving information security implementations in large organisations by conducting field research.  Currently I am collaborating with two FTSE 100 companies and a non-profit organisation to create scientific methods that improve on current approaches in security policy formulation and communication, improve the usability of the implemented security mechanisms and improve employee security behaviour by implementing better security education.

 I am also looking into how security policies can be improved to allow for less interruptions in organisational workflows and how security systems and practices can be better aligned to help employees and the organisation to achieve business objectives.

In the past I have studied the effectiveness of anti-phishing tools and user education, and also the development of trust in online retailers. 







Abu-Salma, R., Krol, K., Parkin, S., Koh, V., Kwan, K., Mahboob, J., ...Sasse, M.A. (2017). The Security Blanket of the Chat World: An Analytic Evaluation and a User Study of Telegram.
Abu-Salma, R., Sasse, M.A., Bonneau, J., Danilova, A., Naiakshina, A., Smith, M. (2017). Obstacles to the Adoption of Secure Communication Tools.
Becker, I.F., Parkin, S., Sasse, M.A. (2017). Finding Security Champions in Blends of Organisational Culture.
Dodier-Lazaro, S., Abu-Salma, R., Becker, I., Sasse, M.A. (2017). From Paternalistic to User-Centred Security: Putting Users First with Value-Sensitive Design.
Dodier-Lazaro, S., Becker, I., Krinke, J., Sasse, M. (2017). No Good Reason to Remove Features: Expert Users Value Useful Apps over Secure Ones. London: UCL Computer Science.
Dodier-Lazaro, S., Becker, I., Krinke, J., Sasse, M.A. (2017). "No Good Reason to Remove Features" Expert Users Value Useful Apps over Secure Ones.
Murdoch, S.J., Becker, I., Abu-Salma, R., Anderson, R., Bohm, N., Hutchings, A., ...Stringhini, G. (2017). Are payment card contracts unfair? (Short paper).
Whitty, M., Edwards, M., Levi, M., Peersman, C., Rashid, A., Sasse, M.A., ...Stringhini, G. (2017). Ethical and Social Challenges with developing Automated Methods to Detect and Warn potential victims of Mass-marketing Fraud (MMF).


Caputo, D.D., Pfleeger, S.L., Sasse, M.A., Ammann, P., Offutt, J., Deng, L. (2016). Barriers to Usable Security? Three Organizational Case Studies. IEEE Security and Privacy, 14 (5), 22-32. doi:10.1109/MSP.2016.95
Krol, K., Parkin, S., Sasse, M.A. (2016). “I don’t like putting my face on the Internet!”: An acceptance study of face biometrics as a CAPTCHA replacement.
Krol, K., Parkin, S., Sasse, M.A. (2016). Better the Devil You Know: A User Study of Two CAPTCHAs and a Possible Replacement.
Parkin, S., Krol, K., Becker, I., Sasse, M.A. (2016). Applying Cognitive Control Modes to Identify Security Fatigue Hotspots.

This page was last modified on 07 Jan 2016.



6.07, Malet Place Engineering


+44 020 7679 0350


+44 020 7387 1397


i.kirlappos [at] cs.ucl.ac.uk


Research Themes

  • Information Security Management
  • Information Security Compliance
  • Security Economics
  • Security and Human Behaviour