The research conducted for this project sought to understand the factors that impact the likelihood an individual will be victimized by a phishing attack. The research also sought to identify effective training approaches and technology available to supplement human defenses. Understanding these factors, training methods, and technology will allow organizations to strengthen their information security program. The research conducted confirmed that certain personality types and habits, such as gullibility, narcissism, psychopathy, and habitual email use, influence the likelihood an individual will fall victim to a phishing attack. Rule-based and mindfulness training, as well as communication tones, were examined and proved equally effective in supporting the detection of phishing emails. Technology also proved to be complementary to human defenses. Additional research is needed to determine how to leverage the personality trait learnings in a business setting.
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...