The Role of User Behaviour in Improving Cyber Security Management
- PMID: 34220596
- PMCID: PMC8253569
- DOI: 10.3389/fpsyg.2021.561011
The Role of User Behaviour in Improving Cyber Security Management
Abstract
Information security has for long time been a field of study in computer science, software engineering, and information communications technology. The term 'information security' has recently been replaced with the more generic term cybersecurity. The goal of this paper is to show that, in addition to computer science studies, behavioural sciences focused on user behaviour can provide key techniques to help increase cyber security and mitigate the impact of attackers' social engineering and cognitive hacking methods (i.e., spreading false information). Accordingly, in this paper, we identify current research on psychological traits and individual differences among computer system users that explain vulnerabilities to cyber security attacks and crimes. Our review shows that computer system users possess different cognitive capabilities which determine their ability to counter information security threats. We identify gaps in the existing research and provide possible psychological methods to help computer system users comply with security policies and thus increase network and information security.
Keywords: cognitive hacking; cyber security; information security; phishing; social engineering.
Copyright © 2021 Moustafa, Bello and Maurushat.
Conflict of interest statement
The authors declare that the research was conducted in the absence of any commercial or financial relationships that could be construed as a potential conflict of interest.
Similar articles
-
Identifying and Mitigating Phishing Attack Threats in IoT Use Cases Using a Threat Modelling Approach.Sensors (Basel). 2021 Jul 14;21(14):4816. doi: 10.3390/s21144816. Sensors (Basel). 2021. PMID: 34300556 Free PMC article.
-
We need to aim at the top: Factors associated with cybersecurity awareness of cyber and information security decision-makers.PLoS One. 2024 Oct 18;19(10):e0312266. doi: 10.1371/journal.pone.0312266. eCollection 2024. PLoS One. 2024. PMID: 39423170 Free PMC article.
-
Cyber security threats: A never-ending challenge for e-commerce.Front Psychol. 2022 Oct 19;13:927398. doi: 10.3389/fpsyg.2022.927398. eCollection 2022. Front Psychol. 2022. PMID: 36337532 Free PMC article. Review.
-
A Multivocal Literature Review on Growing Social Engineering Based Cyber-Attacks/Threats During the COVID-19 Pandemic: Challenges and Prospective Solutions.IEEE Access. 2021 Jan 1;9:7152-7169. doi: 10.1109/ACCESS.2020.3048839. eCollection 2021. IEEE Access. 2021. PMID: 34786300 Free PMC article.
-
Characterizing and Measuring Maliciousness for Cybersecurity Risk Assessment.Front Psychol. 2018 Feb 5;9:39. doi: 10.3389/fpsyg.2018.00039. eCollection 2018. Front Psychol. 2018. PMID: 29459838 Free PMC article. Review.
References
-
- Aggarwal P., Frédéric M., Gonzalez M. C., Dutt V. (2018). Understanding cyber situational awareness in a cyber security game involving recommendation. Int. J. Cyber Situat. Aware. 3 11–38. 10.22619/ijcsa.2018.100118 - DOI
-
- Akhawe D., Felt A. P. (2013). “Alice in warningland: a large-scale field study of browser security warning effectiveness,” in Proceedings of the 22nd USENIX Security Symposium, Washington, DC.
-
- Alonso C., Romero E. (2017). Aggressors and victims in bullying and cyberbullying: a study of personality profiles using the five-factor model. Span. J. Psychol. 20:e76. - PubMed
-
- Altintas E., Karaca Y., Moustafa A. A., El Haj M. (2020). Effect of best possible self intervention on situational motivation and commitment in academic context. Learn. Motiv. 69:101599. 10.1016/j.lmot.2019.101599 - DOI
-
- Anderson B. B., Kirwan C. B., Jenkins J. L., Eargle D. (2015). “How polymorphic warnings reduce habituation in the brain—insights from an fmri study,” in Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems CHI, Crossings, Seoul.
Publication types
LinkOut - more resources
Full Text Sources
