Human Factors of Cyber Attacks

Mancuso, Vincent; Strang, Adam J.; Funke, Gregory J.; Finomore, Victor

doi:10.1177/1541931214581091

Cited by 18 publications

(4 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Additionally, it taps into the empirical research gap highlighted by (Taylor et al, 2017), shedding light on the underexplored terrain of psychology in cybersecurity. This research aligns with the findings of (Mancuso et al, 2014), who proposed a framework for human-centered research in the context of cyber-attacks. This research compares three classification algorithms for malware detection, with the SVM (polynomial kernel) proving highly effective, showcasing the importance of algorithm selection in cybersecurity (Hakimi et al, 2023) similarly study by (Hasas et al, 2024) delves into enhancing digital security through dynamic attack detection, employing LSTM, KNN, and Random Forest algorithms, contributing valuable insights to the evolving landscape of cybersecurity One of the key challenges addressed in this analysis is the phenomenon of security fatigue.…”

Section: Introductionsupporting

confidence: 86%

Human factors in cybersecurity: an in depth analysis of user centric studies

Hakimi,

Mohammad Mustafa Quchi,

Abdul Wajid Fazil

2024

esaprom

View full text Add to dashboard Cite

This study delves into the intricate intersection of human behavior, cognition, and technology within the cybersecurity domain, aiming to enhance our understanding of the human-centric challenges influencing the effectiveness of cybersecurity measures. The primary objective is to unravel the nuanced landscape where human errors persist as a significant contributing factor to security breaches, emphasizing the need for a holistic comprehension of human factors. The study recognizes the evolving nature of work, with an increasing number of individuals operating from home, and the consequential challenges in managing human factors in the digital era. The blurring lines between private and public lives, coupled with the rise of social credit systems, necessitate a thorough examination of key elements intersecting with cybersecurity Employing a systematic literature review, this research methodically identifies, filters, and analyzes pertinent literature concerning human-centric factors in cybersecurity. The systematic approach involves the formulation of specific research questions guiding the study, strategic search plans targeting reputable databases, and meticulous study selection processes based on predefined criteria The study unfolds through a series of interconnected research questions, addressing the impact of human factors on operational efficiency, challenges in the adoption of human-centric approaches, and the ways in which human factors influence strategic decision-making in cybersecurity. The results shed light on the substantial contribution of understanding user behavior and cognitive processes to the development of tailored cybersecurity strategies. Challenges, such as security fatigue and the scarcity of psychology-based professionals, are addressed, advocating for human factors engineering and strategic initiatives to enhance education and training programs. In conclusion, embracing a human-centric paradigm emerges as imperative for organizations striving to fortify their defenses against dynamic and sophisticated cyber threats. Integrating technology with a profound understanding of human factors becomes the cornerstone for shaping a resilient and adaptive cybersecurity future.

show abstract

Section: Introductionsupporting

confidence: 86%

Human factors in cybersecurity: an in depth analysis of user centric studies

Hakimi,

Mohammad Mustafa Quchi,

Abdul Wajid Fazil

2024

esaprom

View full text Add to dashboard Cite

show abstract

“…A comprehensive analysis was undertaken to determine the mean expenses associated with cyber incidents across diverse industry domains, with a specific emphasis on identifying the most severe categories. Financial loss is incorporated as a factor in their cyber risk model [31,32].…”

Section: Organisational and Societal Impactmentioning

confidence: 99%

Security Attack Behavioural Pattern Analysis for Critical Service Providers

Seid,

Popov,

Blix

2024

JCP

View full text Add to dashboard Cite

Identifying potential system attacks that define security requirements is crucial to building secure cyber systems. Moreover, the attack frequency makes their subsequent analysis challenging and arduous in cyber–physical systems (CPS). Since CPS include people, organisations, software, and infrastructure, a thorough security attack analysis must consider both strategic (social and organisational) aspects and technical (software and physical infrastructure) aspects. Studying cyberattacks and their potential impact on internal and external assets in cyberspace is essential for maintaining cyber security. The importance is reflected in the work of the Swedish Civil Contingencies Agency (MSB), which receives IT incident reports from essential service providers mandated by the NIS directive of the European Union and Swedish government agencies. To tackle this problem, a multi-realm security attack event monitoring framework was proposed to monitor, model, and analyse security events in social(business process), cyber, and physical infrastructure components of cyber–physical systems. This paper scrutinises security attack patterns and the corresponding security solutions for Swedish government agencies and organisations within the EU’s NIS directive. A pattern analysis was conducted on 254 security incident reports submitted by critical service providers. A total of five critical security attacks, seven vulnerabilities (commonly known as threats), ten attack patterns, and ten parallel attack patterns were identified. Moreover, we employed standard mitigation techniques obtained from recognised repositories of cyberattack knowledge, namely, CAPEC and Mitre, in order to conduct an analysis of the behavioural patterns

show abstract

“…Researchers and practitioners postulate that the impact of malicious cyber activity targeting humans remains underexplored in existing research (Mancuso, Strang, Funke, & Finomore, 2014). Mancuso et al (2014) acknowledge that the current research gap in human performance and behavior in cybersecurity requires urgent attention from social factors practitioners and psychology-based experts.…”

Section: The Sociological Aspects Of Human Factorsmentioning

confidence: 99%

Discovering the Emergence of Technical Sociology in Human Capital Systems and Technology-Driven Organizations

Burrell¹,

Nobles

2022

International Journal of Human Capital and Information Technology Professionals

View full text Add to dashboard Cite

In 2019 the global cost of cyber-crime was over 2 trillion dollars. Current research literature outlines that 80-90% of security breaches are due to human-enabled errors in the U.S. and the U.K. Organizations encounter a barrage of cybersecurity threats that prey on the propensity of human error, human inaction, human behavior, and human misbehavior. As a result, there is an emergence of a new area of research development around technical sociology or digital sociology as a domain to explore the human capital perspectives, group dynamics, and social aspects of cybersecurity and technology management. The paper uses a relational content analysis of the literature as the research approach aimed to determine the presence and relationships of common themes and concepts. The results were creation of a concept matrix model of interrelated co-occurring concepts. The approach used was outlined by Krippendorff (1980) who asserts that concepts are "ideational grains;" these grains can be thought of as emblems which develop connotation through their connections to other emblems.

show abstract

Human Factors of Cyber Attacks

Cited by 18 publications

References 24 publications

Human factors in cybersecurity: an in depth analysis of user centric studies

Human factors in cybersecurity: an in depth analysis of user centric studies

Security Attack Behavioural Pattern Analysis for Critical Service Providers

Discovering the Emergence of Technical Sociology in Human Capital Systems and Technology-Driven Organizations

Contact Info

Product

Resources

About