TY - JOUR
T1 - The Role of User Behaviour in Improving Cyber Security Management
AU - Moustafa, Ahmed A.
AU - Bello, Abubakar
AU - Maurushat, Alana
PY - 2021/6/18
Y1 - 2021/6/18
N2 - Information security has for long time been a field of study in computer science, software engineering, and information communications technology. The term ‘information security’ has recently been replaced with the more generic term cybersecurity. The goal of this paper is to show that, in addition to computer science studies, behavioural sciences focused on user behaviour can provide key techniques to help increase cyber security and mitigate the impact of attackers’ social engineering and cognitive hacking methods (i.e., spreading false information). Accordingly, in this paper, we identify current research on psychological traits and individual differences among computer system users that explain vulnerabilities to cyber security attacks and crimes. Our review shows that computer system users possess different cognitive capabilities which determine their ability to counter information security threats. We identify gaps in the existing research and provide possible psychological methods to help computer system users comply with security policies and thus increase network and information security.
AB - Information security has for long time been a field of study in computer science, software engineering, and information communications technology. The term ‘information security’ has recently been replaced with the more generic term cybersecurity. The goal of this paper is to show that, in addition to computer science studies, behavioural sciences focused on user behaviour can provide key techniques to help increase cyber security and mitigate the impact of attackers’ social engineering and cognitive hacking methods (i.e., spreading false information). Accordingly, in this paper, we identify current research on psychological traits and individual differences among computer system users that explain vulnerabilities to cyber security attacks and crimes. Our review shows that computer system users possess different cognitive capabilities which determine their ability to counter information security threats. We identify gaps in the existing research and provide possible psychological methods to help computer system users comply with security policies and thus increase network and information security.
UR - http://www.scopus.com/inward/record.url?scp=85109082047&partnerID=8YFLogxK
U2 - 10.3389/fpsyg.2021.561011
DO - 10.3389/fpsyg.2021.561011
M3 - Review article
AN - SCOPUS:85109082047
SN - 1664-1078
VL - 12
JO - Frontiers in Psychology
JF - Frontiers in Psychology
M1 - 561011
ER -