Show simple item record

dc.contributor.author
Zimmermann, Verena
dc.contributor.author
Renaud, Karen
dc.date.accessioned
2022-06-22T12:34:20Z
dc.date.available
2022-06-22T08:54:47Z
dc.date.available
2022-06-22T12:34:20Z
dc.date.issued
2019-11
dc.identifier.other
https://doi.org/10.1016/j.ijhcs.2019.05.005
en_US
dc.identifier.uri
http://hdl.handle.net/20.500.11850/553952
dc.description.abstract
Cybersecurity has gained prominence, with a number of widely publicised security incidents, hacking attacks and data breaches reaching the news over the last few years. The escalation in the numbers of cyber incidents shows no sign of abating, and it seems appropriate to take a look at the way cybersecurity is conceptualised and to consider whether there is a need for a mindset change. To consider this question, we applied a “problematization” approach to assess current conceptualisations of the cybersecurity problem by government, industry and hackers. Our analysis revealed that individual human actors, in a variety of roles, are generally considered to be “a problem”. We also discovered that deployed solutions primarily focus on preventing adverse events by building resistance: i.e. implementing new security layers and policies that control humans and constrain their problematic behaviours. In essence, this treats all humans in the system as if they might well be malicious actors, and the solutions are designed to prevent their illadvised behaviours. Given the continuing incidences of data breaches and successful hacks, it seems wise to rethink the status quo approach, which we refer to as “Cybersecurity, Currently”. In particular, we suggest that there is a need to reconsider the core assumptions and characterisations of the well-intentioned human’s role in the cybersecurity socio-technical system. Treating everyone as a problem does not seem to work, given the current cyber security landscape. Benefiting from research in other fields, we propose a new mindset i.e. “Cybersecurity, Differently”. This approach rests on recognition of the fact that the problem is actually the high complexity, interconnectedness and emergent qualities of socio-technical systems. The “differently” mindset acknowledges the well-intentioned human’s ability to be an important contributor to organisational cybersecurity, as well as their potential to be “part of the solution” rather than “the problem”. In essence, this new approach initially treats all humans in the system as if they are well-intentioned. The focus is on enhancing factors that contribute to positive outcomes and resilience. We conclude by proposing a set of key principles and, with the help of a prototypical fictional organisation, consider how this mindset could enhance and improve cybersecurity across the socio-technical system.
en_US
dc.language.iso
en
en_US
dc.publisher
Elsevier
en_US
dc.subject
Cybersecurity
en_US
dc.subject
Human’s Role
en_US
dc.subject
Problematization
en_US
dc.subject
Socio-technical System
en_US
dc.title
Moving from a "human-as-problem? to a "human-as-solution? cybersecurity mindset
en_US
dc.type
Journal Article
dc.date.published
2019-05-16
ethz.journal.title
International Journal of Human-Computer Studies
ethz.journal.volume
131
en_US
ethz.pages.start
169
en_US
ethz.pages.end
187
en_US
ethz.publication.place
Amsterdam
en_US
ethz.publication.status
published
en_US
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02045 - Dep. Geistes-, Sozial- u. Staatswiss. / Dep. of Humanities, Social and Pol.Sc.
en_US
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02045 - Dep. Geistes-, Sozial- u. Staatswiss. / Dep. of Humanities, Social and Pol.Sc.::09775 - Zimmermann, Verena / Zimmermann, Verena
en_US
ethz.leitzahl.certified
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02045 - Dep. Geistes-, Sozial- u. Staatswiss. / Dep. of Humanities, Social and Pol.Sc.::09775 - Zimmermann, Verena / Zimmermann, Verena
en_US
ethz.date.deposited
2022-06-22T08:54:52Z
ethz.source
BATCH
ethz.eth
no
en_US
ethz.availability
Metadata only
en_US
ethz.rosetta.installDate
2022-06-22T12:34:28Z
ethz.rosetta.lastUpdated
2022-06-22T12:34:28Z
ethz.rosetta.exportRequired
true
ethz.rosetta.versionExported
true
ethz.COinS
ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.atitle=Moving%20from%20a%20%22human-as-problem?%20to%20a%20%22human-as-solution?%20cybersecurity%20mindset&rft.jtitle=International%20Journal%20of%20Human-Computer%20Studies&rft.date=2019-11&rft.volume=131&rft.spage=169&rft.epage=187&rft.au=Zimmermann,%20Verena&Renaud,%20Karen&rft.genre=article&rft_id=info:doi/https://doi.org/10.1016/j.ijhcs.2019.05.005&
 Search print copy at ETH Library

Files in this item

FilesSizeFormatOpen in viewer

There are no files associated with this item.

Publication type

Show simple item record