Abstract
It is now readily recognised that cyber-security is not just a technical issue, with many breaches highlighting insufficient attention towards human aspects. One of the fundamental reasons for this is that people are not naturally equipped with the skills, instincts and behaviours required to ensure appropriate protection and so need support in order to help them understand what they should be doing and learn how to do it. However, looking at the evidence from surveys over the years, it becomes clear that security awareness, training and education often hold the curious distinction of being overlooked as key controls, while the lack of provision is readily recognised as a key cause of incidents. As such, this remains an area in which more could be done – and how it is done could be improved. Cyber-security is not just a technical issue. Breach after breach has shown the impact of human factors. People are not naturally equipped with the skills, instincts and behaviours required to ensure appropriate protection and so need support. However, while the lack of provision is recognised as a cause of incidents, security awareness and training are often overlooked. Steven Furnell and Ismini Vasileiou of the Centre for Security, Communications and Network Research at the University of Plymouth examine how this situation can be improved.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
