Tashfiq Rahman, Rohani Rohan, Debajyoti Pal, P. Kanthamanon
{"title":"Human Factors in Cybersecurity: A Scoping Review","authors":"Tashfiq Rahman, Rohani Rohan, Debajyoti Pal, P. Kanthamanon","doi":"10.1145/3468784.3468789","DOIUrl":null,"url":null,"abstract":"Humans are often considered to be the weakest link in the cybersecurity chain. However, traditionally the Computer Science (CS) researchers have investigated the technical aspects of cybersecurity, focusing on the encryption and network security mechanisms. The human aspect although very important is often neglected. In this work we carry out a scoping review to investigate the take of the CS community on the human-centric cybersecurity paradigm by considering the top conferences on network and computer security for the past six years. Results show that broadly two types of users are considered: expert and non-expert users. Qualitative techniques dominate the research methodology employed, however, there is a lack of focus on the theoretical aspects. Moreover, the samples have a heavy bias towards the Western community, due to which the results cannot be generalized, and the effect of culture on cybersecurity is a lesser known aspect. Another issue is with respect to the unavailability of standardized security-specific scales that can measure the cybersecurity perception of the users. New insights are obtained and avenues for future research are presented.","PeriodicalId":341589,"journal":{"name":"The 12th International Conference on Advances in Information Technology","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"The 12th International Conference on Advances in Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3468784.3468789","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 18
Abstract
Humans are often considered to be the weakest link in the cybersecurity chain. However, traditionally the Computer Science (CS) researchers have investigated the technical aspects of cybersecurity, focusing on the encryption and network security mechanisms. The human aspect although very important is often neglected. In this work we carry out a scoping review to investigate the take of the CS community on the human-centric cybersecurity paradigm by considering the top conferences on network and computer security for the past six years. Results show that broadly two types of users are considered: expert and non-expert users. Qualitative techniques dominate the research methodology employed, however, there is a lack of focus on the theoretical aspects. Moreover, the samples have a heavy bias towards the Western community, due to which the results cannot be generalized, and the effect of culture on cybersecurity is a lesser known aspect. Another issue is with respect to the unavailability of standardized security-specific scales that can measure the cybersecurity perception of the users. New insights are obtained and avenues for future research are presented.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
