People are not the weakest link in cybersecurity
Our understanding of people is!
Inge Wetzer, PhD
Aug 14th 2025

A PSYCHOLOGIST? IN CYBERSECURITY?

INGE WETZER
Principal psychologist
Cybersecurity & Compliance
BUREAU VERITAS CYBERSECURITY

CYBERSECURITY IN ORGANISATIONS
No one size fits all!
Rules, policy, processes, etc.
Which behavior is secure?
Wear a badge
Choose a strong password
Lock your computer
etc.

KNOWING WHAT IS DESIRED FROM PEOPLE
Mostly, people are told how to behave
They get informed and instructed
and the conclusion is that people are the weakest link in cybersecurity
But knowing what is desired from people is not the same as being able to influence them!

EXPERTISE OF PSYCHOLOGISTS
HOW TO make people
Wear their badges
Use a strong password
Lock their computers
Psychology is the science of behavior
It may seem easy, but

COMBINE THE EXPERTISES!
Processes: What is the policy on information security?
Technology: What is technically possible?
People: What is desired from people?

CYBERSECURITY LEARNS FROM PSYCHOLOGY

PEOPLE ARE NOT RATIONAL
All efforts put into awareness training, new procedures, sending e-mails, etc.
Sending knowledge, because we rely on people behaving rationally
Conclusion: People are the weakest link
However, look at daily life

PROPRIETARY & CONFIDENTIAL

KNOWLEDGE AND AWARENESS
DO NOT GUARANTEE THE DESIRED BEHAVIOR

HUMAN BEHAVIOR IN CYBERSECURITY

METHOD
Online survey questionnaire
N=1155
20 organisations in health care

ASSESSING KNOWLEDGE
Knowledge test
Ability was assessed on 15 topics
Per topic:
Question
Right answer
2 wrong answers
“I don't know”

ASSESSING BEHAVIOR
After each of the ability items:
“Do you actually do this?”
Scored on a 5-poin