Behavioural Issues in Cybersecurity

Jose Vila, Pam Briggs, Dawn Branley-Bell, Yolanda Gomez, Lynne Coventry

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

Abstract

This chapter begins with the challenges that organisations face in dealing with cybersecurity and looks at the critical role of individuals' cybersecurity behaviour within an organisation in ensuring the cybersecurity of the organisation as a whole. It turns to models of human behaviour and decision-making drawn from psychology and behavioural economics, examining their key insights for cybersecurity and cyber insurance. The chapter considers the Theory of Planned Behaviour, Protection Motivation Theory, and others deriving from them, while from behavioural economics and also considers Dual-Thinking Theory and Prospect Theory. Cyber insurance policies are beginning to diversify but have tended to provide three basic types of coverage: liability coverage in the event of a data breach, a means to remedy the breach, and support to repair reputational damage. A significant factor behind poor cybersecurity within organisations is that individual employees behave in insecure ways, i.e. users' lack of “secure” behaviour may leave the company vulnerable to cyber attacks.
Original languageEnglish
Title of host publicationSecurity Risk Models for Cyber Insurance
EditorsDavid Rios Insua, Caroline Baylon, Jose Vila
Place of PublicationAbingdon
PublisherRoutledge
Chapter3
Number of pages22
ISBN (Electronic)9780429329487
ISBN (Print)9780367339494
DOIs
Publication statusPublished - 19 Dec 2020

Fingerprint Dive into the research topics of 'Behavioural Issues in Cybersecurity'. Together they form a unique fingerprint.

Cite this