1. bookTom 13 (2022): Zeszyt 1 (July 2022)
Informacje o czasopiśmie
Pierwsze wydanie
06 Mar 2017
Częstotliwość wydawania
3 razy w roku
Otwarty dostęp

Stress, Burnout, and Security Fatigue in Cybersecurity: A Human Factors Problem

Data publikacji: 28 Jun 2022
Tom & Zeszyt: Tom 13 (2022) - Zeszyt 1 (July 2022)
Zakres stron: 49 - 72
Otrzymano: 01 Jan 2022
Przyjęty: 01 Apr 2022
Informacje o czasopiśmie
Pierwsze wydanie
06 Mar 2017
Częstotliwość wydawania
3 razy w roku

Aminanto M.E., Zhu L., Ban T., Isawa R., Takahashi T., Inoue D. (2019) Combating threat-alert fatigue with online anomaly detection using isolation forest. In: Gedeon T., Wong K., Lee M. (eds) Neural Information Processing. ICONIP 2019. Lecture Notes in Computer Science, vol 11953. Springer, Cha10.1007/978-3-030-36708-4_62 Search in Google Scholar

Bojanova, I., Voas, J., Chang, M., & Wilbanks, L. (2016). Cybersecurity or Privacy [Guest editors’ introduction]. I.T. Professional, 18(5), 16-17.10.1109/MITP.2016.80 Search in Google Scholar

Bone, J. (2017). Cognitive Hack: The New Battleground in Cybersecurity... the Human Mind. CRC Press.10.1201/9781315368412 Search in Google Scholar

Boy, G. A. (2017). Human-centered design of complex systems: An experience-based approach. Design Science, 3.10.1017/dsj.2017.8 Search in Google Scholar

Choi, H., & Jung, Y. (2018). The role of privacy fatigue in online privacy behavior. Computers in Human Behavior, 81, 42–51. https://doi.org/10.1016/j.chb.2017.12.001 Search in Google Scholar

Cong Pham, H., Brennan, L., & Furnell, S. M. (2019). Information security burnout: Identification of sources and mitigating factors from security demands and resources. Journal of Information Security and Applications. Retrieved from http://hdl.handle.net/10026.1/13591. DOI: 10.1016/j.jisa.2019.03.012 Otwórz DOISearch in Google Scholar

Corporate Compliance Insights. (2015, May 13). Retrieved from https://www.corporatecomplianceinsights.com/thomson-reuters-annual-cost-of-compliance-survey-shows-regulatory-fatigue-resource-challenges-and-personal-liability-to-increase-throughout-2015/ Search in Google Scholar

Cram, W. A., Proudfoot, J. G., & D’Arcy, J. (2019). When enough is enough: Investigating the antecedents and consequences of information security fatigue. Information Systems Journal.10.1111/isj.12319 Search in Google Scholar

Cunningham, M. (2021, March 25). “Tiny crimes” – How minor mistakes when remote working could lead to major cybersecurity breaches (Part 1). Forcepoint.com. Retrieved from https://www.forcepoint.com/blog/x-labs/minor-mistakes-major-breaches-pt-1. Search in Google Scholar

Cybenko, G., Giani, A., & Thompson, P. (2002). Cognitive hacking: A battle for the mind. Computer, 35(8), 50-56.10.1109/MC.2002.1023788 Search in Google Scholar

Davis, N. (2018, December 17). Chronic fatigue syndrome could be triggered by overactive immune system. TheGuardian.com. Retrieved from https://www.theguardian.com/society/2018/dec/17/chronic-fatigue-syndrome-could-be-triggered-by-overactive-immune-system Search in Google Scholar

Dykstra, J., & Paul, C. L. (2018). Cyber Operations Stress Survey (COSS): Studying fatigue, frustration, and cognitive workload in cybersecurity operations. In 11th USENIX Workshop on Cyber Security Experimentation and Test CSE, 18. Search in Google Scholar

Edwards, J. R., Caplan, R. D., & Van Harrison, R. (1998). Person-environment fit theory. Theories of organizational stress, 28(1), 67-94. Search in Google Scholar

ENISA Threat Landscape 2021. (2021, October). Retrieved from https://www.enisa.europa.eu/publications/enisa-threat-landscape-2021 Search in Google Scholar

Fisher, J. (2018, July 31). How managers can prevent their teams from burning out. Retrieved from https://hbr-org.cdn.ampproject.org/c/s/hbr.org/amp/2018/07/how-managers-can-prevent-their-teams-from-burning-out Search in Google Scholar

Furnell, S. and Thomson, K.L. (2009). Recognising and addressing security fatigue.” Computer Fraud & Security, 11, 7–11, doi:10.1016/S1361-3723(09)70139-3. Otwórz DOISearch in Google Scholar

Grier, R. A. (2015, September). How high is high? A meta-analysis of NASA-TLX global workload scores. In Proceedings of the Human Factors and Ergonomics Society Annual Meeting (Vol. 59, No. 1, pp. 1727-1731). Sage CA: Los Angeles, CA: SAGE Publications.10.1177/1541931215591373 Search in Google Scholar

Gutzwiller, R. S., Cosley, D., Ferguson-Walter, K., Fraze, D., & Rahmer, R. (2019, November). Panel: Research sponsors for cybersecurity research and the human factor. In Proceedings of the Human Factors and Ergonomics Society Annual Meeting (Vol. 63, No. 1, pp. 422-426). Sage CA: Los Angeles, CA: SAGE Publications.10.1177/1071181319631383 Search in Google Scholar

Helkala, K., Knox, B., Jøsok, Ø., & Knox, S. (2016). Factors to affect improvement in cyber officer performance. Information & Computer Security.10.1108/ICS-01-2016-0001 Search in Google Scholar

Hinkley, C. (2019 September 16). Preventing PTSD and burnout for cybersecurity professionals. Darkreading.com. Retrieved from https://www.darkreading.com/risk/preventing-ptsdand-burnout-for-cybersecurity-professionals/a/did/1335750?fbclid=IwAR31h9dqAsT7oC5JaAEGseXlSnL1C1Jp5VsntlFGwDaFy4Pf82JSCIbFT UU Search in Google Scholar

Hollnagel, E. (2016). The nitty-gritty of human factors. Human factors and ergonomics in practice: Improving system performance and human well-being in the real world, 45-64.10.1201/9781315587332-5 Search in Google Scholar

Hull, J. L. (2017). Analyst Burnout in the Cyber Security Operation Center-CSOC: A Phenomenological Study (Doctoral dissertation, Colorado Technical University). Search in Google Scholar

ISACA. (2020, November 18). Understanding and burning CISO burnout. ISACA.org. Retrieved from https://www.isaca.org/resources/news-and-trends/industry-news/2020/understanding-and-addressing-ciso-burnout Search in Google Scholar

Koppel, R., Blythe, J., Kothari, V., & Smith, S. (2016). Beliefs about cybersecurity rules and passwords: A comparison of two survey samples of cybersecurity professionals versus regular users. In Twelfth Symposium on Usable Privacy and Security ({SOUPS} 2016). Search in Google Scholar

Kwon, J., & Johnson, M. E. (2015, June). The market effect of healthcare security: Do patients care about data breaches?. In WEIS. Search in Google Scholar

Lallie, H. S., Shepherd, L. A., Nurse, J. R., Erola, A., Epiphaniou, G., Maple, C., & Bellekens, X. (2021). Cyber security in the age of covid-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers & Security, 105, 102248.10.1016/j.cose.2021.102248 Search in Google Scholar

LaManna. M. (2017). Technology intercepts for cyber security applied to critical infrastructures. WMSCI, 8-11. Search in Google Scholar

Loui, R. K. (2020, February 28). #Psybersecurity: Mental healths impacts of cybersecurity attacks. RSA Conference 2020. San Francisco, California Search in Google Scholar

MacEwan, N. (2017). Responsibilisation, rules and rule-following concerning Cyber Security: Findings from Small Business Case Studies in the U.K. (Doctoral dissertation, University of Southampton). Search in Google Scholar

Maslach, C., and Schaufeli, W. (2001). Job burnout. Annual Review of Psychology (52), pp. 397–422.10.1146/annurev.psych.52.1.397 Search in Google Scholar

Maslach, C., & Leiter, M. P. (2005). Reversing burnout. Standford Social Innovation Review, 43-49. Search in Google Scholar

Mancuso, V. F., Strang, A. J., Funke, G. J., & Finomore, V. S. (2014, September). Human factors of cyber-attacks: a framework for human-centered research. In Proceedings of the Human Factors and Ergonomics Society Annual Meeting (Vol. 58, No. 1, pp. 437-441). Sage CA: Los Angeles, CA: SAGE Publications.10.1177/1541931214581091 Search in Google Scholar

Michel, A. (2017). Psyber Security: Thwarting Hackers with Behavioral Science. APS Observer, 30(9). Search in Google Scholar

Mirilla, D. F., Tappert, C. C., Frank, R. I., & Tao, L. (2018). A proposed dynamic Security Operations Center Management Framework for reducing task disengagement. Proceedings of Student-Faculty Research Day, Pace University. Search in Google Scholar

Monica, A., & Gloria, P. W. (2019). Stressed decision-makers and use of decision aids: a literature review and conceptual model. Information Technology & People, 33(2), 710-754. https://doi.org/10.1108/ITP-04-2019-0194 Search in Google Scholar

Moss, J. (2019, December 11). Burnout is about your workplace, not your people. HBR.org. Retrieved from https://hbr-org.cdn.ampproject.org/c/s/hbr.org/amp/2019/12/burnout-is-about-your-workplace-not-your-people Search in Google Scholar

Moustafa, A. A., Bello, A., & Maurushat, A. (2021). The role of user behaviour in improving cyber security management. Frontiers in Psychology, 12.10.3389/fpsyg.2021.561011 Search in Google Scholar

Nobles, C. (2018). Botching human factors in cybersecurity in business organizations. HOLISTICA–Journal of Business and Public Administration, 9(3), 71-88.10.2478/hjbpa-2018-0024 Search in Google Scholar

Nobles, C. (2019). Establishing human factors programs to mitigate blind spots in cybersecurity. MWAIS 2019 Proceedings, 22. https://aisel.aisnet.org/mwais2019/22 Search in Google Scholar

Nobles, C. (2021a, February 8). The Human Factors Series: Burnout and fatigue are sustained problems in cybersecurity. https://www.linkedin.com/pulse/human-factors-series-burnout-fatigue-sustained-calvin-nobles-ph-d-/ [post]. LinkedIn. https://www.linkedin.com/pulse/human-factors-series-burnout-fatigue-sustained-calvin-nobles-ph-d-/ Search in Google Scholar

Nominet Cyber Security. (2019). Life inside the perimeter: Understanding the modern CISO. Retrieved from Nominet-Cyber_CISO-report_FINAL-130219.pdf. Search in Google Scholar

Nori, P., Bartash, R., Cowman, K., Dackis, M., & Pirofski, L. A. (2019, April). Is burnout infectious? Understanding drivers of burnout and job satisfaction among academic infectious diseases physicians. In Open forum infectious diseases (Vol. 6, No. 4, p. ofz092). U.S.: Oxford University Press.10.1093/ofid/ofz092 Search in Google Scholar

Ogbanufe, O., & Spears, J. (2019). Burnout in cybersecurity professionals. Proceedings of the 14th Pre-ICIS Workshop on Information Security and Privacy, Munich, Germany, December 15, 2019. Search in Google Scholar

Okereafor, K., & Adelaiye, O. (2020). Randomized cyber attack simulation model: a cybersecurity mitigation proposal for post covid-19 digital era. International Journal of Recent Engineering Research and Development (IJRERD), 5(07), 61-72. Search in Google Scholar

Parkin, S., Krol, K., Becker, I., & Sasse, M. A. (2016). Applying cognitive control modes to identify security fatigue hotspots. In Twelfth Symposium on Usable Privacy and Security ({SOUPS} 2016). Search in Google Scholar

Pfleeger, S. L., Sasse, M. A., & Furnham, A. (2014). From weakest link to security hero: Transforming staff security behavior. Journal of Homeland Security and Emergency Management, 11(4), 489-510.10.1515/jhsem-2014-0035 Search in Google Scholar

Pham, H.-C., El-Den, J., & Richardson, J. (2016). Stress-based security compliance model – an exploratory study. Information and Computer Security, 24(4), 326.10.1108/ICS-10-2014-0067 Search in Google Scholar

Pham, H. C. (2019). Information security burnout: Identification of sources and mitigating factors from security demands and resources. Journal of Information Security and Applications, 46, 96-107.10.1016/j.jisa.2019.03.012 Search in Google Scholar

Platsis, G. (2019). The Human Factor: Cyber Security’s Greatest Challenge. In Cyber Law, Privacy, and Security: Concepts, Methodologies, Tools, and Applications (pp. 1-19). IGI Global.10.4018/978-1-5225-8897-9.ch001 Search in Google Scholar

Platsis, G. (2019, August 14). Is staff burnout the best reason to implement cybersecurity A.I.? Securityintelligence.com. Retrieved from https://securityintelligence.com/articles/is-staff-burnout-the-best-reason-to-implement-cybersecurity-ai/ Search in Google Scholar

Reeves, A., Delfabbro, P., & Calic, D. (2021). Encouraging employee engagement with cybersecurity: How to tackle cyber fatigue. SAGE Open, 11(1), 21582440211000049.10.1177/21582440211000049 Search in Google Scholar

Renaud, K. (2012). Blaming noncompliance is too convenient: What really causes information breaches? Security & Privacy, IEEE 10 (3), 57-63.10.1109/MSP.2011.157 Search in Google Scholar

Roberts, L. D., & Allen, P. J. (2015). Exploring ethical issues associated with using online surveys in educational research. Educational Research and Evaluation, 21(2), 95-108.10.1080/13803611.2015.1024421 Search in Google Scholar

Ritchey, D. (2018). Curing security fatigue. Security, 55(9), 10. Retrieved from http://libproxy.temple.edu/login?url=https://search-proquestcom.libproxy.temple.edu/docview/2109287230?accountid=14270 Search in Google Scholar

Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. computers & security, 56, 70-82.10.1016/j.cose.2015.10.006 Search in Google Scholar

SAI Global. (2008). SAI Global Information Security Awareness Survey 2008. Retrieved from http://www.saiglobal.com Search in Google Scholar

Sasse, M. A. (2013, August). Technology should be smarter than this!: A Vision for Overcoming the Great Authentication Fatigue. In Workshop on Secure Data Management (pp. 33-36). Springer, Cham.10.1007/978-3-319-06811-4_7 Search in Google Scholar

Serfontein, R., Drevin, L., & Kruger, H. (2018). The feasibility of raising information security awareness in an academic environment using SNA. In IFIP World Conference on Information Security Education (pp. 69-80). Springer, Cham.10.1007/978-3-319-99734-6_6 Search in Google Scholar

Singh, T. (2021). The role of stress among cybersecurity professionals (Doctoral dissertation, The University of Alabama). Search in Google Scholar

Sheridan, K. (2020, June 6). 90% of CISOs would pay for better work-life balance. DarkReading.com. Retrieved from https://www.darkreading.com/risk/90--of-cisos-would-cut-pay-for-better-work-life-balance/d/d-id/1336995 Search in Google Scholar

Stanton, B., Theofanos, M. F., Prettyman, S. S., & Furman, S. (2016). Security fatigue. I.T. Professional, 18(5), 26-32.10.1109/MITP.2016.84 Search in Google Scholar

Tanimoto, S., Nagai, K., Hata, K., Hatashima, T., Sakamoto, Y., & Kanai, A. (2017, July). A Concept Proposal on Modeling of Security Fatigue Level. In 2017 5th Intl Conf on Applied Computing and Information Technology/4th Intl Conf on Computational Science/Intelligence and Applied Informatics/2nd Intl Conf on Big Data, Cloud10.1109/ACIT-CSII-BCD.2017.30 Search in Google Scholar

Thomas, B. (2019, December 26). Most urgent CISO skills 2020: Reporting avoiding burnout, more. Bitsight.com. Retrieved from https://www.bitsight.com/blog/5-shocking-itcybersecurity-burnout-statistics. Search in Google Scholar

Thomas, B. (2020, January 07). Five shocking I.T. and cybersecurity burnout statistics. Bitsight.com. Retrieved from https://www.bitsight.com/blog/5-shocking-it-cybersecurityburnout-statistics. Search in Google Scholar

Thorbecke, C. (2021, July 02). Why business leaders need a wake-up call to take burnout seriously right now, experts say. Yahoo.com. Retrieved from https://www.yahoo.com/gma/why-business-leaders-wake-call-100007147.html Search in Google Scholar

Tobler, N., Colvin, J., & Rawlins, N. W. (2017). Longitudinal analysis and coping model of user adaptation. Journal of Computer Information Systems, 57(2), 97-105. https://doi.org/10.1080/08874417.2016.1183415 Search in Google Scholar

Valcour, M. (2016). Beating burnout. Harv Bus Rev, 94, 98-101. Search in Google Scholar

Wang, J., Li, Y., & Rao, H. R. (2017). Coping responses in phishing detection: An investigation of antecedents and consequences. Information Systems Research, 28(2),378-396. https://doi.org/10.1287/isre.2016.0680 Search in Google Scholar

Wilson, S., Hamilton, & Stallbaum, S. (2020, May 26). The unaddressed gap in cybersecurity: Human performance. MIT Sloan Management Review. Retrieved from https://sloanreview.mit.edu/article/the-unaddressed-gap-in-cybersecurity-human-performance/ Search in Google Scholar

Zorabedian, J. (2019, February 01). Data breach fatigue makes every day feel like groundhog day. SecurityIntelligence.com. Retrieved from https://securityintelligence.com/data-breach-fatigue-makes-every-day-feel-like-groundhog-day Search in Google Scholar

Polecane artykuły z Trend MD