Integrating Human Factors into Data-driven Threat Management for Overall Security Enhancement

Alwaheidi, M., Islam, S., Papastergiou, S., Kioskli, K.  (2024). Integrating Human Factors into Data-driven Threat Management  for Overall Security Enhancement. In: Abbas Moallem (eds) Human Factors in Cybersecurity. AHFE (2024) International Conference. AHFE Open Access, vol 127. AHFE International, USA.
http://doi.org/10.54941/ahfe1004778

Abstract: Human and other non-technological issues are often overlooked, which directly and indirectly contribute to many successful cyber attacks, including DoS, social engineering, download-driven attacks, and more. Considering human issues as causes for internal threats and weaknesses, a deeper understanding of these factors is essential for overall security enhancement. Therefore, organisations of all sizes need to ensure a broad range of knowledge, skills, and awareness among all user levels, from individual end-users to security practitioners. However, this task is challenging due to the evolving nature of business, systems, and threat contexts. To address this challenge, our research represents a significant advancement in holistic and comprehensive threat assessments, surpassing existing practices by considering pertinent human factors. Our approach views humans as potential weaknesses or threats, influenced by various factors. Specifically, it incorporates key human elements, such as motivation, knowledge, context, and privilege, into the threat management process to enhance overall security. These factors are systematically classified and interconnected, facilitating the identification of weaknesses and threats posed by humans within the system context. For example, depending on the context, privilege can be categorised into three levels: organisational, departmental, and unprivileged, with end-user privileges falling into these classifications. Knowledge, as a human factor in this approach, is differentiated into technological and security awareness. Our proposed approach extends data-driven threat modelling by integrating human factors to identify and assess threats related to these factors. We present a conceptual model that combines human factors with cybersecurity concepts, including data, assets, threats, weaknesses, and controls, to assess and manage threats associated with human factors and evaluate them from both insider weaknesses and threat perspectives. This contributes significantly to overall security enhancement, including improving the accuracy of threat assessments, identifying new threats, and developing more effective threat mitigation strategies.