The Human Factor in Cyber Resilience: Behavioural, Organisational and Sociotechnical Perspectives

Open Access
Article
Conference Proceedings
Authors: Lena Von Damaros
Abstract

Organisations increasingly recognise that cyber resilience cannot be achieved through technical controls alone, but critically depends on how individuals perceive and enact security requirements in everyday work. This paper synthesises current knowledge on the human factor in cyber resilience at the intersection of behaviour, organisational culture and sociotechnical design.First, core constructs are clarified by linking cyber resilience with established approaches from human factors and work and organisational psychology, including stress and cognitive load, trust and the psychological contract, security culture and human–technology interaction. On this basis, three levels of analysis are distinguished: an individual level (psychological resources and decision processes), an organisational level (leadership, culture, work organisation, perceived fairness and support) and a sociotechnical level (design of technologies, interfaces and digital assistance systems).Second, the paper conducts a structured narrative review of recent empirical and conceptual literature, drawing on seven scientific databases and restricted to peer-reviewed publications from 2023 onwards, to synthesise recurring psychological and organisational mechanisms that influence security‑relevant behaviour. Particular attention is paid to tensions between productivity pressures and security demands, as well as to the roles of emotions, fatigue and habituation in real‑world decision making. Third, the contribution formulates a literature‑based research agenda that highlights key priorities for future interdisciplinary research and for the development of resilience‑oriented awareness programmes, leadership practices, work organisation and adaptive sociotechnical solutions.

Keywords: Cyber Resilience, Cybersecurity, Human Behaviour, Organisational Culture, Sociotechnical Systems

DOI: 10.54941/ahfe1007419

Cite this paper
Downloads
0
Visits
1
Download PDF

More from this volume

Beyond Security Awareness: A Scoping Review of Human Factors in SME Cyber Resilience Frameworks (2018-2026)
View all articles in Human Factors in Cybersecurity