The Role of Human Factors/Ergonomics in the Science of Security
- 20 May 2015
- journal article
- Published by SAGE Publications in Human Factors: The Journal of the Human Factors and Ergonomics Society
- Vol. 57 (5), 721-727
- https://doi.org/10.1177/0018720815585906
Abstract
Objective: The overarching goal is to convey the concept of science of security and the contributions that a scientifically based, human factors approach can make to this interdisciplinary field. Background: Rather than a piecemeal approach to solving cybersecurity problems as they arise, the U.S. government is mounting a systematic effort to develop an approach grounded in science. Because humans play a central role in security measures, research on security-related decisions and actions grounded in principles of human information-processing and decision-making is crucial to this interdisciplinary effort. Method: We describe the science of security and the role that human factors can play in it, and use two examples of research in cybersecurity—detection of phishing attacks and selection of mobile applications—to illustrate the contribution of a scientific, human factors approach. Results: In these research areas, we show that systematic information-processing analyses of the decisions that users make and the actions they take provide a basis for integrating the human component of security science. Conclusion: Human factors specialists should utilize their foundation in the science of applied information processing and decision making to contribute to the science of cybersecurity.
This publication has 30 references indexed in Scilit:
- Dancing in the dark: no role for consciousness in action control. Frontiers in Psychology, 2013
- Human Factors and Information Security. Published by Wiley, 2012
- Human Performance in Cybersecurity: A Research Agenda. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 2011
- Why do people get phished? Testing individual differences in phishing vulnerability within an integrated, information processing model. Decision Support Systems, 2011
- The New Policy World of Cybersecurity. Public Administration Review, 2011
- Neural visualization of network traffic data for intrusion detection. Applied Soft Computing, 2011
- Influence of the Privacy Bird® user agent on user trust of different web sites. Computers in Industry, 2010
- Cumulative Knowledge and Progress in Human Factors. Annual Review of Psychology, 2010
- Detecting deception: adversarial problem solving in a low base‐rate world. Cognitive Science, 2001
- Prospect Theory: An Analysis of Decision under Risk. Econometrica, 1979