Cognitively Available Cybersecurity: A Systematic Literature Review

Cybersecurity is imperative to safeguard the digital systems on which the world has come to rely. A core part of cybersecurity is users' ability to adopt protective behavior by using security functions and adhering to security policies. Protective behavior requires cognitive effort, and some research suggests that users with cognitive challenges may struggle. There is no cohesive body of knowledge addressing those struggles and that gap is addressed in this research. A systematic literature was conducted to review how cognitive challenges are discussed in relationship to end-users' cybersecurity. The findings reveal that the research on the topic is limited but agrees that adopting protective behavior is cognitively demanding. That hinders both users with cognitive disabilities and neurotypical users from being secure. While addressing cognitive challenges is the cybersecurity domain is identified as an important future challenge, limiting the effort put on users to minimize the required cognitive energy is identified as a starting point.