AHFE Open AccessIntegrating Human Factors into Data-driven Threat Management for Overall Security Enhancement
Abstract
Human and other non-technological issues are often overlooked, which directly and indirectly contributing to many successful cyber attacks, including DoS, social engineering, download-driven attacks, and more. Considering human issues as causes for internal threats and weaknesses, a deeper understanding of these factors is essential for overall security enhancement. Therefore, organizations of all sizes need to ensure a broad range of knowledge, skills, and awareness among all user levels, from individual end-users to security practitioners. However, this task is challenging due to the evolving nature of business, systems, and threat contexts. To address this challenge, our research represents a significant advancement in holistic and comprehensive threat assessments, surpassing existing practices by considering pertinent human factors. Our approach views humans as potential weaknesses or threats, influenced by various factors. Specifically, it incorporates key human elements, such as motivation, knowledge, context, and privilege, into the threat management process to enhance overall security. These factors are systematically classified and interconnected, facilitating the identification of weaknesses and threats posed by humans within the system context. For example, depending on the context, privilege can be categorized into three levels: organizational, departmental, and unprivileged, with end-user privileges falling into these classifications. Knowledge, as a human factor in this approach, is differentiated into technological and security awareness. Our proposed approach extends data-driven threat modeling by integrating human factors to identify and assess threats related to these factors. We present a conceptual model that combines human factors with cybersecurity concepts, including data, assets, threats, weaknesses, and controls, to assess and manage threats associated with human factors and evaluated from both insider weaknesses and threat perspectives. This contributes significantly to overall security enhancement, including improving the accuracy of threat assessments, identifying new threats, and developing more effective threat mitigation strategies.
Keywords: Threat Management, Insider Threat, Vulnerabilities, Human Factors, Context, Knowledge
DOI: 10.54941/ahfe1004778
Cite this paper
More from this volume
- Using DESM to demonstrate how behavior can impact an enterprise's physical attack surface structure
- Proposing a DESM-based analytical framework for the enterprise cyber defender
- Interactive virtual learning environment to develop next-generation cybersecurity practitioner competency
- Biometric Authentication for the Mitigation of Human Risk on a Social Network
- Measuring How Appropriate Individuals Are for Specific Jobs in a Network of Collaborators
- A Notion of Trustworthiness Based on Centrality in a Social Network
- Towards a Human-Centric AI Trustworthiness Risk Management Framework
- Does penalty help people learn to detect phishing emails?
- A survey of agent-based modeling for cybersecurity
- Mental Firewall Breached: Leveraging Cognitive Biases for Enhanced Cybersecurity
- Analyzing important factors in cybersecurity incidents using table-top exercise
- Discovering Cognitive Biases in Cyber Attackers’ Network Exploitation Activities: A Case Study