Understanding the Last Line of Defense: Human Response to Cybersecurity Events

被引:2
作者
Rebensky, Summer [1 ]
Carroll, Meredith [1 ]
Nakushian, Andrew [1 ]
Chaparro, Maria [1 ]
Prior, Tricia [1 ]
机构
[1] Florida Inst Technol, Melbourne, FL 32901 USA
来源
HCI FOR CYBERSECURITY, PRIVACY AND TRUST (HCI-CPT 2021) | 2021年 / 12788卷
关键词
Cybersecurity; Internet of Things (IoT); Human factors; Information security; Decision making; SECURITY; TRUST; INTERNET; SCIENCE; PRIVACY;
D O I
10.1007/978-3-030-77392-2_23
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Cybersecurity in consumer, corporate, and military settings, continues to be a growing concern in the modern and technologically driven world. As Wiederhold (2014) puts it, "the human factor remains the security's weakest link in cyberspace." Aliterature reviewrelated to human response to cybersecurity events reveals three phases involved in the cybersecurity response process, including: (1) Susceptibility, the phase preceding an event, which primarily encompasses behaviors that impact vulnerability to a cybersecurity event; (2) Detection of the event when it occurs; and (3) Response to the event after it occurs. In order for an individual to effectively protect themselves and their organizations from cybersecurity breaches, they must understand and be sensitive to the susceptibility of their devices, and when a potential breach occurs, must exhibit rapid and effective response. The goal of this effort was to examine the human factors surrounding non-expert response to a cybersecurity vulnerability or event and create a framework based on the literature. Recommendations for what steps can be taken to better prepare individuals to respond to cyber events is provided.
引用
收藏
页码:353 / 366
页数:14
相关论文
共 43 条
[1]   Privacy and human behavior in the age of information [J].
Acquisti, Alessandro ;
Brandimarte, Laura ;
Loewenstein, George .
SCIENCE, 2015, 347 (6221) :509-514
[2]  
Albert L.J., 2019, E-Journal of Social Behavioural Research in Business, P41
[3]   Improving IoT Technology Adoption through Improving Consumer Trust [J].
AlHogail, Areej .
TECHNOLOGIES, 2018, 6 (03)
[4]   Effects of cyber security knowledge on attack detection [J].
Ben-Asher, Noam ;
Gonzalez, Cleotilde .
COMPUTERS IN HUMAN BEHAVIOR, 2015, 48 :51-61
[5]  
Bowen B. M., 2011, 2011 IEEE International Conference on Technologies for Homeland Security (HST 2011), P230, DOI 10.1109/THS.2011.6107876
[6]   A survey on smartphone user's security choices, awareness and education [J].
Breitinger, Frank ;
Tully-Doyle, Ryan ;
Hassenfeldt, Courtney .
COMPUTERS & SECURITY, 2020, 88
[7]   Critical roles of knowledge and motivation in privacy research [J].
Brought, Aaron R. ;
Martin, Kelly D. .
CURRENT OPINION IN PSYCHOLOGY, 2020, 31 :11-15
[8]   Assessing the Role of Security Education, Training, and Awareness on Insiders' Security-related Behavior: An Expectancy Theory Approach [J].
Burns, A. J. ;
Roberts, Tom L. ;
Posey, Clay ;
Bennett, Rebecca J. ;
Courtney, James F. .
2015 48TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), 2015, :3930-3940
[9]  
Chief of Naval Personnel Public Affairs, 2016, SEC BREACH NOT SAIL
[10]   The role of privacy fatigue in online privacy behavior [J].
Choi, Hanbyul ;
Park, Jonghwa ;
Jung, Yoonhyuk .
COMPUTERS IN HUMAN BEHAVIOR, 2018, 81 :42-51