Examining the Human Factors in Cybersecurity Practices: Psychological, Technical, and Organisational Perspectives
Avishkar Nikum *
Amazon.com Services LLC, USA.
*Author to whom correspondence should be addressed.
Abstract
The study of human factors in cybersecurity is increasingly relevant due to the growing complexity and scale of cyber threats, coupled with the paradoxical position of humans as both a key element of protection and the most vulnerable link in information security systems. This study provides a comprehensive analysis of psychological, organisational, and technical aspects of human influence on cybersecurity and characterises strategies to minimise associated risks. The research employed systematic literature review, statistical assessment, comparison, systematic-logical methods, and generalization.
Key findings revealed important contradictions, including conflicts between system safety and usability, the challenge of balancing automation with human control, and ethical dilemmas related to employee monitoring. The research found that attackers actively exploit human psychological traits to gain unauthorised access, with techniques like "pretexting" becoming increasingly sophisticated. Special attention was given to incorporating human factors in security architecture design, which requires an interdisciplinary approach. User and Entity Behaviour Analytics (UEBA) systems enable detection of anomalous behaviours that may indicate insider activity, though careful configuration is needed to minimise false positives.
Literature analysis concluded that an integrated approach to cybersecurity must account for users' cognitive characteristics, organisational culture, and technological innovations. An effective cybersecurity strategy should incorporate personalised training programs, ergonomic security interfaces, and cybersecurity culture development across all organisational levels. Particular attention should focus on emotional intelligence and critical thinking to counter social engineering attacks.
These findings may benefit information security specialists, organisational leaders, security system developers, and researchers in psychology, organisational behaviour, and computer science.
Keywords: Cybersecurity, security culture, social engineering, human factor, emotional intelligence, psychology