1st Edition
Humans and Cyber Security How Organisations Can Enhance Resilience Through Human Factors
Cyber security incidents are often attributed to “human error”. The discipline of human factors recognises the importance of identifying organisational root causes, rather than focusing on individual actions or behaviours. Humans and Cyber Security: How Organisations Can Enhance Resilience Through Human Factors delivers an applied approach to capturing and mitigating the risk of the human element in cyber security and proposes that it is easier to change organisational practices than it is individual behaviour.
This book identifies undesirable behaviours and practices, then analyses why they occur, and finally, offers mitigating actions. Models of behavioural motivations will be discussed alongside individual vulnerabilities. Organisational vulnerabilities will form the main focus of an applied approach to capturing and mitigating the risk of the human element in cyber security. It concludes with recommended processes that involve talking to a range of individuals across the organization. Backed up with practical materials to facilitate data collection, applied examples and mitigating strategies to address known human vulnerabilities, this book offers the reader a complete view of understanding and preventing cyber security breaches.
The solutions in this book will appeal to students and professionals of human factors, security, informational technology, human resources and business management.
1. Introduction. 2. Problem definition – why consider human factors in cyber security?. 3. Motivation and behaviour. 4. Individual vulnerabilities. 5. Organisational vulnerabilities. 6. Mitigating solutions. 7. Practical materials to capture risk. 8. Applied examples of risk identification and mitigation. 9. Summary and conclusions. References.
Biography
Amanda Widdowson is the Head of Human Factors and User Experience Capability at a large, multinational organisation. She has been applying human factors for over 25 years, mostly in the Defence and Rail sectors. A former President and Chartered Fellow of the Chartered Institute of Ergonomics and Human Factors, she served as a trustee on the Executive Board and as Chair of the Honours Committee until 2022 before starting a second term on the board. In 2018, she received the CIEHF’s Lifetime Achievement award for “significant contributions to the application of ergonomics/human factors”. In 2019 she won a ‘Highly Commended’ award for the Management Consulting Association’s Thought Leading Consultant of the Year and the UK Ministry of Defence’s H Rowbotham award for “outstanding contribution to the field of Human Factors Integration”. In 2024, she was presented with the CIEHF’s annual Institute Lecture award and was invited to speak about human factors in cyber security in this keynote address.
