Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
Review
. 2021 Jun 18:12:561011.
doi: 10.3389/fpsyg.2021.561011. eCollection 2021.

The Role of User Behaviour in Improving Cyber Security Management

Ahmed A Moustafa  1   2   3 Abubakar Bello  4 Alana Maurushat  4
Affiliations
Review

The Role of User Behaviour in Improving Cyber Security Management

Ahmed A Moustafa et al. Front Psychol. .

Abstract

Information security has for long time been a field of study in computer science, software engineering, and information communications technology. The term 'information security' has recently been replaced with the more generic term cybersecurity. The goal of this paper is to show that, in addition to computer science studies, behavioural sciences focused on user behaviour can provide key techniques to help increase cyber security and mitigate the impact of attackers' social engineering and cognitive hacking methods (i.e., spreading false information). Accordingly, in this paper, we identify current research on psychological traits and individual differences among computer system users that explain vulnerabilities to cyber security attacks and crimes. Our review shows that computer system users possess different cognitive capabilities which determine their ability to counter information security threats. We identify gaps in the existing research and provide possible psychological methods to help computer system users comply with security policies and thus increase network and information security.

Keywords: cognitive hacking; cyber security; information security; phishing; social engineering.

PubMed Disclaimer

Conflict of interest statement

The authors declare that the research was conducted in the absence of any commercial or financial relationships that could be construed as a potential conflict of interest.

References

    1. Aggarwal P., Frédéric M., Gonzalez M. C., Dutt V. (2018). Understanding cyber situational awareness in a cyber security game involving recommendation. Int. J. Cyber Situat. Aware. 3 11–38. 10.22619/ijcsa.2018.100118 - DOI
    1. Akhawe D., Felt A. P. (2013). “Alice in warningland: a large-scale field study of browser security warning effectiveness,” in Proceedings of the 22nd USENIX Security Symposium, Washington, DC.
    1. Alonso C., Romero E. (2017). Aggressors and victims in bullying and cyberbullying: a study of personality profiles using the five-factor model. Span. J. Psychol. 20:e76. - PubMed
    1. Altintas E., Karaca Y., Moustafa A. A., El Haj M. (2020). Effect of best possible self intervention on situational motivation and commitment in academic context. Learn. Motiv. 69:101599. 10.1016/j.lmot.2019.101599 - DOI
    1. Anderson B. B., Kirwan C. B., Jenkins J. L., Eargle D. (2015). “How polymorphic warnings reduce habituation in the brain—insights from an fmri study,” in Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems CHI, Crossings, Seoul.

LinkOut - more resources