Cybersecurity as a social phenomenon

Authors: McAlaney, J. and Benson, V.

Pages: 1-8

DOI: 10.1016/B978-0-12-819204-7.00001-4

Abstract:

Humans are social creatures. Our behaviour is influenced by our perceptions of those around us, often to a much greater degree than we realize. However, we tend to make mistakes in our understanding of those around us and the situations that we encounter. We do so because our cognitive resources have limits, meaning that we have developed systems of coming to quick conclusions based on limited information. These processes are known as heuristics. This is not a flaw; rather it is an adaptive strategy that allows us to navigate and survive in our social worlds. Nevertheless, these tendencies may lead people to engage in cybersecurity in risky ways, either as the instigators of attacks, the targets of attacks, or the cybersecurity professionals who seek to prevent and mitigate attacks. Examples of this include group dynamics in which individuals overestimate the abilities of their own group whilst underestimating the abilities of competing groups, or failing to recognize the threat of cybersecurity risks that are difficult to visualize. In ways like those used with marketing and advertising campaigns, social engineers aim to exploit these quirks of social influence and human decision making. A greater understanding of these processes will enable us to develop more informed prevention and mitigation strategies in order to address the increasing challenges we face within cybersecurity.

Source: Scopus