1 / 14

A Call for the Consideration of Individual Difference in Cyber Security

A Call for the Consideration of Individual Difference in Cyber Security. John E. Buckner Tilman L. Sheets. Louisiana Tech University. Security Breach. Unintentional Naïve Employees Intentional Hackers “Insiders”. Unintentional Breach. Training. Unintentional Breach.

reed
Download Presentation

A Call for the Consideration of Individual Difference in Cyber Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Call for the Consideration of Individual Difference in Cyber Security John E. Buckner Tilman L. Sheets Louisiana Tech University

  2. Security Breach • Unintentional • Naïve Employees • Intentional • Hackers • “Insiders”

  3. Unintentional Breach Training

  4. Unintentional Breach • Cyber Security Training • Educational Programs for Cyber Security • Explosion of popularity and offerings (Newman, 2007) • Increased demand • Training to increase Security • Providing information to employees • Increasing awareness

  5. Unintentional Breach Training Selection

  6. Selection • Personality traits and Individual Differences • Job “Fit” • Creating teams to maximize performance • Cognitive Abilities • Determining key dimensions that predict job success

  7. Unintentional Breach Intentional Breach Training Prevention/Detection Selection

  8. Intentional Breach • Prevention and Detection • Building hardware and software systems • Beyond the scope of our presentation • Training to increase Security • Providing information to “honest “employees • Increasing vigilance for identification of potential threats (activities & behaviors)

  9. Unintentional Breach Intentional Breach Training Prevention/Detection Selection

  10. Selection • Individual Differences • Profiling • Motives • Professionalism and Ethicality (honesty/integrity) (Doty & O’Connor, 2010) • Hacker Personality • white-hat vs black-hat hackers • “Insiders” • Privileged information • Motivation

  11. Selection Extraversion Emotional Stability Agreeableness Conscientiousness Openness • Personality Framework: • The BIG 5 • Extraversion, Emotional Stability, Openness, Conscientiousness, Agreeableness

  12. Selection • Personality Framework: • The BIG 5 • Extraversion, Emotional Stability, Openness, Conscientiousness, Agreeableness • The BIG 5 + 1 • Integrity: Honesty/Humility • Correlated with the ‘‘Dark Triad’’ traits of Machiavellianism, Narcissism,and Primary Psychopathy (Lee & Ashton, 2005). • Intrinsic/Extrinsic Motivation • Largely absent in Cyber Security

  13. Summary • Individual Differences • Predicting “at-risk” employees • Naïve Employees • “Insiders” • Identify those most capable of performing in the field • Individual personality tied to performance • Selecting team members based on personality • Profiling personality of malicious hackers • Identify potential threat

  14. Questions or Comments

More Related