Browsing by Author "Smit, Vian"

Now showing 1 - 1 of 1
  • Thumbnail Image
    Item
    A study and analysis of human behaviour influence on cybersecurity. a human behaviourist approach to mitigate social engineering attacks
    (Stellenbosch : Stellenbosch University, 2023-12) Smit, Vian; Dewald, Blaauw; Watson, Bruce; Stellenbosch University. Faculty of Arts and Social Sciences. Dept. of Information Science.
    ENGLISH SUMMARY: Protecting intellectual property has become one of the biggest challenges organisations are facing. Information contains private and sensitive data about employees, customers and business dealings that is protected by cybersecurity systems. Oftentimes, these systems which have been developed to protect data, become attractive to thieves, called cybercriminals. Cybercriminals infiltrate information systems to view, steal, corrupt and cause malicious activity by exploiting the most vulnerable areas of the system. Most cybersecurity mitigation techniques focus on improving software, hardware or policies, but rarely focus on the common denominator in all these elements. People are known as the weakest link in any cybersecurity system because they fall prey to human error and external manipulation. Social engineering attacks encompass deceitful techniques which are used by cyberattackers to manipulate human beings into sharing sensitive data. Victims succumb to these attack types because they incorporate clever psychological techniques that trigger basic human needs. Research indicates that human beings have different psychological needs based on their personality types, which cyber offenders exploit by executing social engineering attacks. The purpose of this study is to research which personality type is more susceptible to social engineering attacks in order to better understand the cyber weaknesses present in each personality trait. This will be executed by determining the personality type of participants and how susceptible they are towards social engineering attacks. The first part of the survey makes use of the Five Factor Model (FFM), which has been created by Costa Jr. and McCrae (1990). The second section of the survey will present respondents with the ten known social engineering attack types that contain a combination of Cialdini’s six principles of persuasion. The taxonomy developed from the research results indicates that the agreeableness personality type is most susceptible towards social engineering attacks and pose the highest cybersecurity risk. Neuroticism was found to have the lowest social engineering susceptibility and associated cybersecurity risk. A framework has been created that showcases each personality type’s susceptibility towards the ten social engineering attacks. A second framework indicates the vulnerability level each personality type has towards the various principles of persuasion. This research will help cybersecurity experts better understand key vulnerabilities in system that will help offer better protection.