Human Factors in Cybersecurity in Icelandic Small and Medium-Sized Enterprises

Cybersecurity threats are increasing in all aspects of society due to the integration of digital systems into modern-day life and a volatile geo-political landscape. Technical factors are an ongoing arms race; however, the threat surface from human and social factors is still present, often...

MORPHEUS: A Multidimensional Framework for Modeling, Measuring, and Mitigating Human Factors in Cybersecurity

Current cybersecurity research increasingly acknowledges the human factor, yet remains fragmented, often treating user vulnerabilities as isolated and static traits. This paper introduces MORPHEUS, a holistic framework that operationalizes human-centric security as a dynamic and interconnected...

Social Engineering Attacks: A Systemisation of Knowledge on People against Humans

Our systematisation of knowledge on Social Engineering Attacks SEAs, identifies the human, organisational, and adversarial dimensions of cyber threats. It addresses the growing risks posed by SEAs, highly relevant in the context physical cyber places, such as travellers at airports and residents ...

So, I Climbed to the Top of the Pyramid of Pain -- Now What?

This paper explores the evolving dynamics of cybersecurity in the age of advanced AI, from the perspective of the introduced Human Layer Kill Chain framework. As traditional attack models like Lockheed Martin's Cyber Kill Chain become inadequate in addressing human vulnerabilities exploited by...

A Case Study on the Use of Representativeness Bias As a Defense against Adversarial Cyber Threats

Cyberspace is an ever-evolving battleground involving adversaries seeking to circumvent existing safeguards and defenders aiming to stay one step ahead by predicting and mitigating the next threat. Existing mitigation strategies have focused primarily on solutions that consider software or hardwa...

Is Security Human Factors Research Skewed Towards Western Ideas and Habits?

Really interesting research: "How WEIRD is Usable Privacy and Security Research?" by Ayako A. Hasegawa Daisuke Inoue, and Mitsuaki Akiyama: Abstract : In human factor fields such as human-computer interaction HCI and psychology, researchers have been concerned that participants mostly come from...

The CISO’s Top Priority: Elevating Data-Centric Security

The shift to cloud computing has enhanced the resilience and security of most organizations. In this era of unparalleled agility and scalability, data-centric security can offer transformational opportunities for Chief Information Security Officers CISOs to improve data protection, compliance, an...

How Human Elements Impact Email Security

By Owais Sultan Human factors heavily influence email security, with individuals vulnerability to phishing and social engineering playing a crucial role… This is a post from HackRead.com Read the original post: How Human Elements Impact Email Security...

2023 Review: Reflecting on Cybersecurity Trends

Every year, experts weigh in with predictions of what the big cybersecurity trends will be—but how often are they right? That’s the question Trend Micro’s Greg Young and Bill Malik asked recently on their Real Cybersecurity podcast, looking at what forecasters got wrong on a wide range of topics,...

2023 Review: Reflecting on Cybersecurity Trends

Every year, experts weigh in with predictions of what the big cybersecurity trends will be—but how often are they right? That’s the question Trend Micro’s Greg Young and Bill Malik asked recently on their Real Cybersecurity podcast, looking at what forecasters got wrong on a wide range of topics,...

[Security Nation] Pete Cooper and Irene Pontisso of the UK Cabinet Office on Their Cybersecurity Culture Competition

!\Security Nation\ Pete Cooper and Irene Pontisso of the UK Cabinet Office on Their Cybersecurity Culture Competitionhttps://blog.rapid7.com/content/images/2021/11/securitynationlogo--1-.jpg In this special bonus episode of Security Nation, Jen and Tod chat with Pete Cooper and Irene Pontisso fro...

Why Minimizing Human Error is the Only Viable Defense Against Spear Phishing

Phishing attacks have become one of the business world's top cybersecurity concerns. These social engineering attacks have been rising over the years, with the most recent report from the Anti-Phishing Working Group coalition identifying over 266,000 active spoofed websites, which is nearly doubl...

On Security Tokens

Mark Risher of Google extols the virtues of security keys: I'll say it again for the people in the back: with Security Keys, instead of the user needing to verify the site, the site has to prove itself to the key. Good security these days is about human factors; we have to take the onus off of th...

Why Care About Data-Centric Security?

It’s no surprise that data breaches are evolving and becoming increasingly more complex. According to the Verizon 2017 Data Breach Investigation Report, data breaches are “complex affairs often involving some combination of human factors, hardware devices, exploited configurations or malicious...

2 0 1 5 year 8 on data security vulnerability analysis report-vulnerability warning-the black bar safety net

! Anwar gold and database attack and Defense laboratory DBSec Labs in months, the high-risk vulnerability summary form analysis report, share of the majority of users and partners. 8 monthly report of core ideas 1. The Web is data leakage a major channel 2. The Internet has become a data leak...

Social engineering information security against the new field-bug warning-the black bar safety net

Information security vulnerabilities are widespread, any one system are a potential security risk. In recent years, the use of means of social engineering, break through the information security defensive measures of an event, has shown a rise even spread of the trend, become the information...