Evaluating the awareness of security among users plays a critical role in safeguarding Industrial Control Systems (ICSs) against social engineering attacks. This study was conducted to assess the impact of cybersecurity awareness on the response to cybersecurity incidents within ICSs. Furthermore, this research has incorporated various measures and frameworks related to cybersecurity emergency response processes,...
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Beyond cybersecurity tools: The increasing roles of human factors and cyber insurance in the survival of social media organizations
Cybersecurity tools are designed to safeguard an organization's systems and data by ensuring confidentiality, integrity, and availability in the face of cyber threats. Nevertheless, it's vital to recognize that these tools come with inherent limitations. Relying solely on them is insufficient for effectively managing the ever-evolving landscape of cyber risks. In this context, human resources...
Gamification of cyber security awareness training for phishing against university students
Users represent the primary source of cyber security breaches. Unfortunately, Cyber Security Awareness training often fails to capture their interest and is perceived as a secondary task, an impediment, or a distraction from their core responsibilities. This indifference poses a significant risk to organizations, as cyber security breaches collectively cost businesses billions annually. An effective...
Exploring how, why and in what contexts older adults are at risk of financial cybercrime victimization: A realist review
Despite infrequent reports from older individuals regarding their experiences as victims of financial cybercrime, there exists compelling evidence indicating that older online users face an elevated risk. This realist review was conducted to identify the factors contributing to the victimization of older adults and to evaluate the theory and supporting evidence for interventions aimed at...
Human errors: A cyber security concern and the weakest link to small businesses
Cybersecurity is a critical concern for organizations, particularly in the face of the ongoing global pandemic caused by Covid-19. The abrupt shift to remote work, often referred to as the 'new normal,' has introduced information security risks associated with human factors. This includes both malicious actors and employees using the same platforms for information exchange...
Oppositional human factors in cybersecurity: A preliminary analysis of affective states
The need for cyber defense research is growing as more cyber-attacks are directed at critical infrastructure and other sensitive networks. Traditionally, the focus has been on hardening system defenses. However, other techniques are being explored including cyber and psychological deception which aim to negatively impact the cognitive and emotional state of cyber attackers directly through...
Does psychological distance and religiosity influence fraudulent customer behavior?
This study delves into the motivations behind fraudulent customer behavior on eBay, a phenomenon that imposes significant financial losses on online businesses. To investigate this issue, a conceptual framework is developed, extending the Theory of Planned Behavior with factors such as religiosity, social detection risk, ethical judgment, and the moderating influence of perceived psychological distance....
Gamification of cybersecurity awareness – A systematic review of games
This thesis presents the state of the art of games used in cyber security awareness. In this regard, a systematic review of games following PRISMA guidelines was conducted on the relevant papers published between 2010 to 2021. The games were analyzed based on their purpose, cyber security topics taught, target audience, deployment methods, game genres...
What influences employees to follow security policies?
Incorporating the Value of Congruence Model (VC), the Theory of Planned Behavior Model (TPB), and Security-Conscious Care Behavior, this study demonstrates that cybersecurity behavior can be effectively influenced through straightforward and cost-efficient measures. Such an approach offers substantial advantages to companies seeking to protect their assets. By analyzing data from 193 respondents, the research underscores...
Human-centric cybersecurity research: From trapping the bad guys to helping the good ones
The issue of cybersecurity has surged in importance in recent years due to numerous high-profile incidents, hacking attempts, and data breaches that have captured headlines. The continuous rise in cyber incidents suggests the need for a reevaluation of how we perceive cybersecurity and whether a shift in mindset is warranted. In essence, cybersecurity is fundamentally...
Avoid being a victim of social engineering attack during the COVID-19 pandemic
This article delves into the impact of the COVID-19 pandemic on the proliferation of social technology attacks. It discusses the implications of these emerging threats and offers strategies for addressing them. By examining various known threats associated with coronaviruses, this report provides valuable insights and recommendations for entities and enterprises. Furthermore, the study explores the...
Understanding factors that influence Unintentional Insider Threat: A framework to counteract unintentional risks
The exploitation of individuals classified as insiders is widely acknowledged as a common avenue for cyberattacks. Recent research approaches this issue from various angles, covering aspects related to technology, psychology, and sociotechnical factors. This particular study delves deeper into the realm of unintentional insider threats, employing the Critical Decision Method (CDM) in interviews with individuals...
Human factors in phishing attacks: A systematic literature review
Phishing, defined as the fraudulent endeavor to acquire sensitive information by impersonating a reputable entity in digital communication, remains a prevalent form of cyber attack. Its success is often attributed to users' lack of awareness of vulnerabilities or their inability to grasp the associated risks. This article offers a systematic literature review aimed at providing...
How do older adults feel about engaging with cybersecurity?
In the field of cybersecurity, older adults have become increasingly susceptible to cyberattacks. Despite this, there has been limited research into how older adults perceive and engage with protective cybersecurity behaviors. To address this gap, a novel card-sorting task was developed and employed to uncover the sentiments of older adults regarding these protective behaviors and...
Importance of cybersecurity awareness and e-learning motivation for cybersecurity in reshaping the education
The widespread adoption of information and communication technologies, accelerated by the COVID-19 pandemic, has resulted in a significant surge in cyberattacks, fraud, and security threats in cyberspace. This has exposed society to a shortage of cybersecurity professionals, limited knowledge of cyber threats, and a lack of effective cybersecurity intelligence gathering and public threat awareness. This...
Locked the car, why not the computer: A qualitative and quantitative study on data safety compliance
Information technology has become an integral part of healthcare within the United Kingdom's National Health Service (NHS). All healthcare professionals are required to possess a certain level of computer knowledge and adhere to cyber ethics standards, which are maintained through regular mandatory training. The UK government has laid out a plan to enhance cybersecurity and...
Understanding the last line of defense: Human response to cyber security events
Cybersecurity is an escalating concern in today's technology-driven world, spanning consumer, corporate, and military domains. A literature review focused on human responses to cybersecurity incidents reveals a three-phase process in cybersecurity response: 1. Susceptibility Phase: This phase precedes an event and involves behaviors that influence vulnerability to cybersecurity incidents. 2. Detection Phase: This phase centers...
Mindfulness and cybersecurity behavior: A comparative analysis of rational and intuitive cybersecurity decisions
Despite substantial investments in technological solutions to bolster cybersecurity, human factors, such as employees falling for phishing attacks, remain a significant vulnerability that can undermine even the most advanced security systems. Drawing upon dual-process theories of cognition, this study posits that a brief mindfulness practice may mitigate automatic responses to phishing attempts by improving rational...
Cybersecurity attacks during COVID-19: An analysis of the behavior of the human factors and a proposal of hardening strategies
During the COVID-19 pandemic, fake news has increased considerably. This study is exploratory and descriptive research that aims to establish the human factors that make the standard user susceptible to cyber-attacks in times of pandemic. A literature review of cybersecurity attacks and conflict scenarios registered during the COVID-19 pandemic was first applied during the investigation....
Finding the weakest links in the weakest link: how well do undergraduate students make cyber security judgment?
The psychology of cybersecurity literature widely acknowledges that in the realm of cybersecurity, it's often ordinary users, rather than technology systems, who constitute the weakest link. This study specifically aimed to assess the cybersecurity judgment of 462 college students, representing a segment of these ordinary users, to pinpoint particular vulnerabilities within this weak link. The...