Integrating Cultural Factors into Human Factors Framework and Ontology for Cyber Attackers
Abstract
The multiple types of culture (e.g. national, social, religious, ethnic, geographic, organizational) that influence human behavioral characteristics and interactions also affect how humans interact with technology and the Internet. In an effort to further understand (and measure) how human factors influence cybersecurity risk, we propose incorporating individuals’ national culture within the human factors framework component of our holistic cybersecurity risk assessment framework. The justification for this inclusion of national culture into the framework results from Nisbett’s, Heinrich’s, and Hofstede’s work with culture and cognition along with Sample’s work with culture and cyber. Culture is a key factor with respect to the human element that has been understudied in cybersecurity risk literature. By identifying the critical culture metrics and integrating them within the Human Factors Framework and Ontology developed for identifying cybersecurity risk assessment metrics for modeling to facilitate additional experimentation.

Keywords: Culture · Cybersecurity · Risk assessment · Metrics
D. Henshel (✉), M. Cains
School of Public and Environmental Affairs, Bloomington, IN 47408, USA

C. Sample
Army Research Laboratory, Adelphi, MD, USA
e-mail: char.sample@icfi.com

B. Hoffman
Army Research Laboratory, Aberdeen Proving Ground, Aberdeen, MD, USA

© Springer International Publishing Switzerland 2016
D. Nicholson (ed.), Advances in Human Factors in Cybersecurity, Advances in Intelligent Systems and Computing 501, DOI 10.1007/978-3-319-41932-9_11
1 Introduction
Recent efforts to increase overall cybersecurity of the Internet have focused on developing a widespread “culture of cybersecurity” [1, 2]; however, it is also important to understand how culture affects the use and abuse of cyber resources that might influence cybersecurity postures (i.e. attacks, carelessness, social abuse, social engineering). Defenders, attackers, and users are influenced differently by the “culture of cybersecurity” and by how culture affects cybersecurity. While all three human agents may share cultural similarities, the way each interacts with the Internet is distinct (e.g. protect, exploit, consume). Examining an individual’s culture can provide information about the type and degree of risk mitigation or risk aggravation typically associated with the cultural norms of the individual’s country of origin. For the most part (and not including insider threats), defenders work to increase cybersecurity, attackers are malevolent, and users may be considered neutral for risk. Our overall goal is to develop a method to characterize human factors as they affect cybersecurity risk, to add humans into holistic cybersecurity risk assessment. Our research aims to answer how the culture of individuals (i.e. their ethos) affects their efficacy, performance, and contribution to cybersecurity risk as defe