Abstract
As cybersecurity (CS) threats become more sophisticated and diversified, organizations are urged to constantly adopt and update measures for contrasting different types of attacks. Particularly, as novel techniques (e.g., social engineering and phishing) are aimed at leveraging individual users’ vulnerabilities to attack and breach a larger system or an entire company, user awareness and behavior have become key factors in preventing adverse events, mitigating their damage, and responding appropriately. As a result, the concept of Cyber Hygiene (CH) is becoming increasingly relevant to address the risk associated to an individual’s CS practices. Consequently, self-assessment tools are becoming more important for evaluating user’s literacy, implementing measures (e.g., training), and studying the effectiveness of interventions. In this paper, we propose a framework for including human factors in the design of self-assessment tools and for accurately modeling CH aspects that the root cause in CS issues.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Caporusso, N., Chea, S., Abukhaled, R.: A game-theoretical model of ransomware. In: International Conference on Applied Human Factors and Ergonomics, pp. 69–78. Springer, Cham, July (2018)
Stainbrook, M., Caporusso, N.: Convenience or strength? aiding optimal strategies in password generation. In: International Conference on Applied Human Factors and Ergonomics, pp. 23–32. Springer, Cham, July 2018
Stainbrook, M., Caporusso, N.: Comparative evaluation of security and convenience trade-offs in password generation aiding systems. In: International Conference on Applied Human Factors and Ergonomics, pp. 87–96. Springer, Cham, July 2019
Fandakly, T., Caporusso, N.: Beyond passwords: enforcing username security as the first line of defense. In: International Conference on Applied Human Factors and Ergonomics, pp. 48–58. Springer, Cham, July 2019
Vishwanath, A., Neo, L.S., Goh, P., Lee, S., Khader, M., Ong, G., Chin, J.: Cyber hygiene: the concept its measure and its initial tests. Decis. Supp. Syst. 128, 113160 (2020)
Cain, A.A., Edwards, M.E., Still, J.D.: An exploratory study of cyber hygiene behaviors and knowledge. J. Inf. Secur. Appl. 42, 36–45 (2018)
Neigel, A.R., Claypoole, V.L., Waldfogle, G.E., Acharya, S., Hancock, G.M.: Holistic cyber hygiene education: accounting for the human factors. Comput. Secur. 92, 101731 (2020)
Bettinghaus, E.P.: Health promotion and the knowledge-attitude-behavior continuum. Prevent. Med. 15(5), 475–491 (1986)
Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., Zwaans, T.: The human aspects of information security questionnaire (HAIS-Q): two further validation studies. Comput. Secur. 66, 40–51 (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Esparza, J., Caporusso, N., Walters, A. (2020). Addressing Human Factors in the Design of Cyber Hygiene Self-assessment Tools. In: Corradini, I., Nardelli, E., Ahram, T. (eds) Advances in Human Factors in Cybersecurity. AHFE 2020. Advances in Intelligent Systems and Computing, vol 1219. Springer, Cham. https://doi.org/10.1007/978-3-030-52581-1_12
Download citation
DOI: https://doi.org/10.1007/978-3-030-52581-1_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-52580-4
Online ISBN: 978-3-030-52581-1
eBook Packages: EngineeringEngineering (R0)