A Model of Human Factors in Cyber Security

Abstract

Data has become the new trading currency in today's competitive environment. The human factor is still seen as a significant threat through social engineering channels, despite the advanced technological controls implemented by organizations. Companies can implement appropriate technical solutions, but they are still unable to control the human factor. The aim of the chapter is to better understand the role of human factors in information security. For this purpose, it provides a model that focuses on human-security elements including management commitment, skills, experiences, self-efficacy of human resources, and security culture and training as the vulnerable factors in information security issues. Quantitative methodology and statistical technique are used for analysis. Thus, the main contribution of this research is to present a model of human resource factors in information security that can be applied in several case studies, and the results can be compared.