Human behaviour as an aspect of cybersecurity assurance

@article{Evans2016HumanBA,
  title={Human behaviour as an aspect of cybersecurity assurance},
  author={M. Evans and L. Maglaras and Ying He and H. Janicke},
  journal={ArXiv},
  year={2016},
  volume={abs/1601.03921}
}
There continue to be numerous breaches publicised pertaining to cybersecurity despite security practices being applied within industry for many years. This paper is intended to be the first in a number of papers as research into cybersecurity assurance processes. This paper is compiled based on current research related to cybersecurity assurance and the impact of the human element on it. The objective of this work is to identify elements of cybersecurity that would benefit from further research…
Towards an Improved Understanding of Human Factors in Cybersecurity
TLDR
This study examines the subjective and often complex nature of human factors in the cybersecurity context through a systematic literature review of 27 articles which span across technical, behavior and social sciences perspectives.
Human factor security: evaluating the cybersecurity capacity of the industrial workforce
TLDR
Originality is demonstrated by illustrating how action research can be applied within socio-technical dimensions to solve recurrent and dynamic problems related to industrial environment cyber security improvement by providing value by demonstrating how theoretical security knowledge and practical security skills can help resolve cyber security response and control uncertainties within industrial organisations.
HUMAN FACTOR IN CYBER SECURITY: LINK BETWEEN ATTITUDE TOWARDS SECURITY AND INTENTION TO PERFORM SECURITY RELATED BEHAVIOR
Information systems security has always been oriented towards external threats such as hackers and viruses; this makes organizations open to internal violations. Human factors in the context of…
Exploring Industry Cybersecurity Strategy in Protecting Critical Infrastructure
Exploring Industry Cybersecurity Strategy in Protecting Critical Infrastructure by Mark Allen Boutwell MS, Walden University, 2017 MS, University of Phoenix, 2009 BS, Hawaii Pacific University, 2003
Botching Human Factors in Cybersecurity in Business Organizations
Abstract Human factors remained unexplored and underappreciated in information security. The mounting cyber-attacks, data breaches, and ransomware attacks are a result of human-enabled errors, in…
Real-Time Information Security Incident Management: A Case Study Using the IS-CHEC Technique
TLDR
This case study presents empirical research that uses Information Security Core Human Error Causes over a 12 month period within two participating public and private sector organisations in order to observe and understand how the implementation of the IS-CHEC information security HRA technique affected the respective organisations.
Sixware Cybersecurity Framework Development To Protect Defense Critical Infrastructure And Military Information Systems
Albeit there are many frameworks for assessing organizations’ readiness to protect critical infrastructure from cyber threats, in the context of their application to specific organizations, such as…
Employees’ Impact on Cyber Security Human Behavior Consequences on security measures
The increase of connected devices and various technologies has resulted in changes in human behavior – People are relying more on online communications instead of face to face or telephone…
Convergence and divergence of regulatory compliance and cybersecurity
The introduction of technology in today's society and the risks associated with its use demonstrate the need to secure information and other digital assets at various levels and in various sectors.
Human Factors in the Cybersecurity of Autonomous Vehicles: Trends in Current Research
TLDR
Some areas of research connected to the human factor in cybersecurity and potential issues are reviewed, including the decrease of driver’s driving skills as a result of using AV and its connection to cybersecurity skills.

References

SHOWING 1-10 OF 48 REFERENCES
The Implementation of Deming's System Model to Improve Security Management: A Case Study
TLDR
A case-study of a telecommunications marketing company which has successfully changed from being a traditional trading company to a company that relies almost entirely on e-commerce is reported on, using the PDCA model as a method for improving the management of information security.
Fear Appeals and Information Security Behaviors: An Empirical Study
TLDR
Investigation of the influence of fear appeals on the compliance of end users with recommendations to enact specific individual computer security actions toward the mitigation of threats suggests that fear appeals do impact end user behavioral intentions to comply with recommended individual acts of security, but the impact is not uniform across all end users.
A Reference Model of Information Assurance & Security
TLDR
A Reference Model of Information Assurance & Security (RMIAS) is proposed, which endeavours to address the recent trends in the IAS evolution, namely diversification and deperimetrisation.
Research on the calculation method of information security risk assessment considering human reliability
TLDR
The Technique for Human Error Rate Prediction is introduced which is a mature technique in human reliability analysis into the process of information security risk assessment and the calculation method of human error rates in the entire process of risk value calculation is proposed.
Secure*BPMN: a graphical extension for BPMN 2.0 based on a reference model of information assurance & security
The main contribution of this thesis is Secure*BPMN, a graphical security modelling extension for the de-facto industry standard business process modelling language BPMN 2.0.1. Secure*BPMN enables a…
Information Security Management Metrics: A Definitive Guide to Effective Security Monitoring and Measurement
TLDR
This book lays out the Information Security Management Metrics, which require the use of objective information about the status and effectiveness of information security controls in relation to the risks, in order to drive appropriate improvements in the organization's Information Security management System (ISMS).
Human reliability analysis: A critique and review for managers
In running our increasingly complex business systems, formal risk analyses and risk management techniques are becoming more important part to managers: all managers, not just those charged with risk…
Security effectiveness in health information system: through improving the human factors by education and training
Security in Health Information Systems (HIS) is a central concern of researchers, academicians, and practitioners. Increased numbers of data security breaches have caused concern over the humans'…
Human reliability analysis in healthcare: A review of techniques
TLDR
This review attempts to look at the popular HRA techniques used in high-reliability industries, such as petro-chemical, nuclear and aviation, and consider their feasibility for use in healthcare.
Framing the Frameworks: A Review of IT Governance Research
TLDR
It is concluded that even with the consideration of contemporary structures, academicians and practitioners alike continue to explore the concept of IT governance in an attempt to find appropriate mechanisms to govern corporate IT decisions.