当前位置:首页 > 报告详情

人并非网络安全中最薄弱的环节.pdf

上传人: 可*** 编号:991822 2025-12-07 43页 3.46MB

1、Inge Wetzer,PhDAug 14th 2025People are not the weakest link in cybersecurity Our understanding of people is!1234A PSYCHOLOGIST?IN CYBERSECURITY?5INGE WETZERPrincipal psychologistCybersecurity&ComplianceBUREAU VERITAS CYBERSECURITYCYBERSECURITY IN ORGANISATIONS6No one size fits all!Rules,policy,proce

2、sses,etc.Which behavior is secure?Wear a badge Choose a strong password Lock your computer etcKNOWING WHAT IS DESIRED FROM PEOPLE7Mostly,people are told how to behaveThey get informed and instructed and the conclusion is that people are the weakest link in cybersecurityBut knowing what is desired fr

3、om people is not the same as being able to influence them!EXPERTISE OF PSYCHOLOGISTS8HOW TO make peopleWear their badgesUse a strong passwordLock their computersPsychology is the science of behaviorIt may seem easy,butCOMBINE THE EXPERTISES!9COMBINE THE EXPERTISES!10ProcessesWhat is the policy on in

4、formation security?TechnologyWhat is technically possible?PeopleWhat is desired from people?CYBERSECURITY LEARNS FROM PSYCHOLOGY11PEOPLE ARE NOT RATIONAL 12All efforts put into awareness trainings,new procedures,sending e-mails,etc.Sending knowledge,because we rely on that people will behave rationa

5、llyConclusion:People are the weakest linkHowever,look at daily life13 P R O P R I E T A R Y&C O N F I D E N T I A L P R O P R I E T A R Y&C O N F I D E N T I A L P R O P R I E T A R Y&C O N F I D E N T I A L17KNOWLEDGE AND AWARENESS18DO NOT GUARANTEE THE DESIRED BEHAVIORHUMAN BEHAVIOR IN CYBERSECURI

6、TY19METHOD20Online survey questionnaireN=115520 organisations in health careASSESSING KNOWLEDGE21Knowledge testAbility was assessed on 15 topics Per topic:Question Right answer 2 wrong answers“I dont knowASSESSING BEHAVIOR22After each of the ability items:“Do you actually do this?”Scored on a 5-poin

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
根据《Data》标记中的内容,全文主要内容概括如下: - **核心观点**:人们不是网络安全中最薄弱的环节,我们对人的理解才是。心理学在网络安全中的应用至关重要。 - **关键数据**: - 38%的人对信息安全知识缺乏了解。 - 88%的人知道锁定电脑屏幕的重要性,但只有42%的人实际这么做。 - 82%的人知道设置强密码的重要性,但只有31%的人实际这么做。 - **关键点**: - 知识和意识并不保证人们的行为。 - 行为由能力、动机和机会共同决定。 - 需要教育、激励和便利化措施来改变行为。 - 通过识别并移除阻碍行为的障碍,可以促进安全行为。
心理学视角" 行为改变的关键" 网络安全新策略"
客服
商务合作
小程序
服务号
折叠