Human-centric cyber security : human psychological traits in cyber security behavioural intent

In this digital age, information is transferred with such ease and speed that security is rarely taken into consideration. Hacking is referred to the activity portrayed in movies à la Mission Impossible, or simply taken for granted and assume that it is “someone else’s problem”. Security in the doma...

Full description

Saved in:
Bibliographic Details
Main Author: Ken, Yeo-Moriuchi
Other Authors: Theng Yin Leng
Format: Theses and Dissertations
Language:English
Published: 2017
Subjects:
Online Access:http://hdl.handle.net/10356/69450
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-69450
record_format dspace
spelling sg-ntu-dr.10356-694502019-12-10T11:44:14Z Human-centric cyber security : human psychological traits in cyber security behavioural intent Ken, Yeo-Moriuchi Theng Yin Leng Wee Kim Wee School of Communication and Information DRNTU::Social sciences::Communication In this digital age, information is transferred with such ease and speed that security is rarely taken into consideration. Hacking is referred to the activity portrayed in movies à la Mission Impossible, or simply taken for granted and assume that it is “someone else’s problem”. Security in the domain of Information Technology or digital space has been through a plethora of changes – attacks from viruses in the past were merely acts of mischief, devoid of serious criminal intent. Today, attacks are more serious. Attackers might range from activists to organized crime groups. Viruses have evolved into advanced malware capable of encrypting user’s computer system ergo paralysing users, or exfiltration of commercial information or even leaking state secrets. Defenses have also evolved alongside these malware, from simple signature-based detection to advanced sandboxing technology. However, the defenses are only as strong as the weakest link, the human. One of the most prevalent methods employed in recent years is phishing, where attackers use social engineering to understand victims and then launch an attack by spoofing, passing themselves off as a legitimate, trusted source. This research aims to understand the relationship of human psychological traits (Self-efficacy in Information Security, Internet Self-efficacy, Risk Propensity and Trust Propensity) and their effects on users’ Cyber Security Behavioural Intent in the Cyberspace. Users were surveyed based on questionnaires about their environment, digital competency, devices they interact with at work and at home, and their attitude towards risk, trust and cyber security. Relations are drawn to help in understanding whether certain psychological traits increase the tendency of a targeted cyber-attack.The findings of these relations would be especially useful since in the connected world, when one of the devices gets compromised, the rest within the same network will as well. If potential attack points can be pre-empted and proactive measures can be taken to prevent them, this will supplement the reactive approach that most organisations adopt today, mitigating or even preventing cyber security breaches. Future work could include these findings as part of their strategy in implementing policies for organisations. User Behaviour Analytic (UBA) software can also take into consideration the inherent characteristics of humans to build better baseline so as to have more accurate predictions if people’s behaviours pose as threats or not. Master of Science (Information Systems) 2017-01-12T03:33:26Z 2017-01-12T03:33:26Z 2017 Thesis http://hdl.handle.net/10356/69450 en Nanyang Technological University 107 p. application/pdf
institution Nanyang Technological University
building NTU Library
country Singapore
collection DR-NTU
language English
topic DRNTU::Social sciences::Communication
spellingShingle DRNTU::Social sciences::Communication
Ken, Yeo-Moriuchi
Human-centric cyber security : human psychological traits in cyber security behavioural intent
description In this digital age, information is transferred with such ease and speed that security is rarely taken into consideration. Hacking is referred to the activity portrayed in movies à la Mission Impossible, or simply taken for granted and assume that it is “someone else’s problem”. Security in the domain of Information Technology or digital space has been through a plethora of changes – attacks from viruses in the past were merely acts of mischief, devoid of serious criminal intent. Today, attacks are more serious. Attackers might range from activists to organized crime groups. Viruses have evolved into advanced malware capable of encrypting user’s computer system ergo paralysing users, or exfiltration of commercial information or even leaking state secrets. Defenses have also evolved alongside these malware, from simple signature-based detection to advanced sandboxing technology. However, the defenses are only as strong as the weakest link, the human. One of the most prevalent methods employed in recent years is phishing, where attackers use social engineering to understand victims and then launch an attack by spoofing, passing themselves off as a legitimate, trusted source. This research aims to understand the relationship of human psychological traits (Self-efficacy in Information Security, Internet Self-efficacy, Risk Propensity and Trust Propensity) and their effects on users’ Cyber Security Behavioural Intent in the Cyberspace. Users were surveyed based on questionnaires about their environment, digital competency, devices they interact with at work and at home, and their attitude towards risk, trust and cyber security. Relations are drawn to help in understanding whether certain psychological traits increase the tendency of a targeted cyber-attack.The findings of these relations would be especially useful since in the connected world, when one of the devices gets compromised, the rest within the same network will as well. If potential attack points can be pre-empted and proactive measures can be taken to prevent them, this will supplement the reactive approach that most organisations adopt today, mitigating or even preventing cyber security breaches. Future work could include these findings as part of their strategy in implementing policies for organisations. User Behaviour Analytic (UBA) software can also take into consideration the inherent characteristics of humans to build better baseline so as to have more accurate predictions if people’s behaviours pose as threats or not.
author2 Theng Yin Leng
author_facet Theng Yin Leng
Ken, Yeo-Moriuchi
format Theses and Dissertations
author Ken, Yeo-Moriuchi
author_sort Ken, Yeo-Moriuchi
title Human-centric cyber security : human psychological traits in cyber security behavioural intent
title_short Human-centric cyber security : human psychological traits in cyber security behavioural intent
title_full Human-centric cyber security : human psychological traits in cyber security behavioural intent
title_fullStr Human-centric cyber security : human psychological traits in cyber security behavioural intent
title_full_unstemmed Human-centric cyber security : human psychological traits in cyber security behavioural intent
title_sort human-centric cyber security : human psychological traits in cyber security behavioural intent
publishDate 2017
url http://hdl.handle.net/10356/69450
_version_ 1681045423758770176