AHFE Open AccessFrom Security-as-a-Hindrance Towards User-Centred Cybersecurity Design
Abstract
Cybersecurity controls in the workplace are viewed by many people as a hindrance that results in wasted time. End-users often bypass controls to get their work done and because of this, even the technically most secure systems can become unsecured. One crucial reason for this could be a lack of attention paid to usability factors by the software development teams that de-sign controls. In this paper I investigate how to design cybersecurity controls in such a way that the user is more likely to behave in a secure manner when confronted with these controls. I put forward three practices that, when employed alongside each other, hold the promise to produce usable and effective cybersecurity controls.
Keywords: security-by-design, human-centered design, usable security
DOI: 10.54941/ahfe1002209
Cite this paper
More from this volume
- A Metric to Assist in Detecting International Phishing or Ransomware Cyberattacks
- Insider Threat: Cognitive Effects of Modern Apathy towards Privacy, Trust, and Security
- A Didactic Tool for Digital Forensics
- A Closer Look at Insider Threat Research
- Social Engineering and Human-Robot Interactions' Risks
- Isolating Key Phrases to Identify Ransomware Attackers
- Information Security Awareness and Training as a Holistic Key Factor – How Can a Human Firewall Take on a Complementary Role in Information Security?
- Cyberdefense Adaptive Training Based on the Classification of Operator Cognitive State
- Exploring Human and Environmental Factors that Make Organizations Resilient to Social Engineering Attacks
- Assessing Human Factors and Cyber Attacks at the Human-Machine Interface: Threats to Safety and Pilot and Controller Performance
- Navigating through Cyber Threats, A Maritime Navigator’s Experience
- A Coherence Model to Outline Obstacles and Success Factors for Information Security from the CISO's Point of View