Arun Vishwanath, Ph.D., MBA
Dr. Vishwanath studies the “people problem” of cybersecurity.
His research focuses on improving individual, organizational, and national resilience to cyber attacks by focusing on the weakest links in cyber security—all of us Internet users.
His particular interest is in understanding why organizational insiders willingly exfiltrate sensitive organizational data; why people become unintentional insiders by falling prey to social engineering attacks that come in through email and social media; and on ways we can harness this understanding to secure cyberspace. He also examines how various groups—criminal syndicates, terrorist networks, hacktivists—utilize cyberspace to commit crimes, spread misinformation, recruit operatives, and radicalize others.
Dr. Vishwanath has consulted for major corporations and governments on issues ranging from cybersecurity to consumer protection. He was formerly the Research Director (1998-2014) at Goldhaber Research Associates (GRA), and currently serves as the President and Chief Technologist of Avant Research Group (ARG)—a cyber security research and advisory firm. Through the firm, Dr. Vishwanath works with regional and international research clients spanning government, education, healthcare, finance, marketing, public relations, market research, sports, media, and real estate development, on issues concerning user behavior and cyber security.
Dr. Vishwanath is an alumnus of the Berkman Klein Center at Harvard University. His academic experience includes an associate professorship at the University at Buffalo (UB), a visiting assistant professorship in the Department of Telecommunications at Indiana University, Bloomington, and serving as the Director of Graduate Studies at UB’s Department of Communication.
Dr. Vishwanath’s research on improving cyber resilience against online social engineering has been funded by the National Science Foundation. He has written and published over two-dozen articles on technology users and cybersecurity issues and his research has been presented to principals at national security and law enforcement agencies around the world. His research and views on the science of cybersecurity have also been featured on CNN, the Washington Post, Wired Magazine, USA Today, Politico, Bloomberg Business Week, Consumer Reports, Scientific American, and hundreds of other national and international news outlets. He also serves on a distinguished expert panel for the NSA’s Science of Security & Privacy research directorate.
An overview of his research on online deception and cybersecurity can be found in some of his recent writings and presentations on the following cybersecurity topics:
- on why weaponizing the Internet is a bad idea [Washington Post]
- on why smartphones are more vulnerable to social attacks [Verizon Data Breach Investigations Report, DBIR, 2019]
- on why so many people fall for fake social media profiles online [LA Times]
- on why spear phishing has become even more dangerous [CNN]
- on how people can stay safe from ransomware [CNN]
- on what President-elect Trump must do to save the Internet [CNN]
- on how cyber breaches occur [CNN]
- on the people problem of cyber security [The Conversation]
- on the threats to our critical infrastructure from cyber attacks [CNN]
- on the threat from data exfiltration through attacks like the Sony Pictures attack [CNN]
- the problems with encryption in the FBI vs. Apple’s iPhone encryption debate [CNN]
- the rising tide of ransomware attacks [CNN]
- why cyber attacks keep coming and are likely to do so in the near future [CNN]
- how mobile app designs contribute to such attacks [CNN]
- why we need a virtual wall to protect cyber space and how we can build it [CNN]
- how people’s habits are responsible for many cyber attacks [The Conversation]
- how we must change people’s habits and build better cyber hygiene [World Economic Forum]
- on how we can blunt the phisher’s spear [Blackhat’16]
- on how “Spear-Phishing” Roiled the Presidential Campaign [Scientific American]
- on whether the new iPhone is designed for cyber safety [Newsweek]