The "Human Factor" In Cybersecurity: Exploring the Accidental Insider
A great deal of research has been devoted to the exploration and categorization of threats posed from malicious attacks from current employees who are disgruntled with the organisation, or are motivated by financial gain. These so-called “insider threats” pose a growing menace to information security, but given the right mechanisms, they have the potential to be detected and caught. In contrast, human factors related to aspects of poor planning, lack of attention to detail, and ignorance are linked to the rise of the accidental or unintentional insider. In this instance there is no malicious intent and no prior planning for their “attack,” but their actions can be equally as damaging and disruptive to the organi- sation. This chapter presents an exploration of fundamental human factors that could contribute to an individual becoming an unintentional threat. Furthermore, key frameworks for designing mitigations for such threats are also presented, alongside suggestions for future research in this area.
Citation:Hadlington, L. (2018). The “Human Factor” in Cybersecurity. In J. McAlaney and L. A. Frumkin (Eds.), Psychological and Behavioral Examinations in Cyber Security (pp. 46–63). Hershey. PA: IGI Global.
Research Group:Psychology and Technology