Full Description
This book takes a fresh look at the underappreciated role of human psychology in cybersecurity and information technology management. It discusses the latest insights from practice and scholarly work on the role of cognitive bias and human factors in critical decisions that could affect the lives of many people.
Written by an experienced chief information security officer (CISO) and an academic with over two decades of lived experience dealing with cybersecurity risks, this book considers the psychological drivers and pitfalls of the four key personas in cybersecurity - from hackers and defenders, to targeted individuals and organisational leaders. It bridges state-of-the-art research findings with real-world examples and case studies to show how understanding the psychological factors in cybersecurity can help people protect themselves and their organisations better.
Full of advice on security best practices that consider the human element of cybersecurity, this book will be of great interest to professionals and managers in the cybersecurity domain, information technology, and governance and risk management. It will also be relevant to students and those aspiring to grow in this field.
Contents
Foreword
Part 1: Enter the world of cybercrime
Chapter 1: Most cybercriminals are made, not born
Chapter 2: Hackers: the good, the bad, and the ugly
Hacktivism
Once a hacker, always a hacker?
Notorious hackers
Interviews with real-life cybercriminals
Chapter 3: How an attack is devised
Selecting targets
Skills that make attacks succeed
Social engineering attacks: hacking people's minds
Ransomware attacks
Exploiting misconfigurations
Chapter 4: Special cases
Insider threats
The impact of insider threats
Whistleblowers
Third party and supply chain risks
Impact of cyber-attacks on trust
Part 2: Inside the line of defence
Chapter 5: Operational cybersecurity context
Pressures of the job
Cybersecurity needs diversity
Why work in cybersecurity
Chapter 6: Human fallacies and how to overcome them
Biases affecting threat analysis
Biases affecting risk management
Chapter 7: Operational resilience
People
Processes
Technology
Business continuity
Chapter 8: Organisational psychology
Chapter 9: Improving organisational cybersecurity
Good governance
Better training and education
Security by design
Organisational cybersecurity culture
Cybersecurity champions
Nudge programs
Situational crime prevention
Part 3: The target's perspective
Chapter 10: Psychology applied in cybersecurity
Opening the black box
Brains: natural prediction machines
Chapter 11: How we take the bait
Technical people have human brains too
Know yourself to protect yourself
Part 4: The Psychology of a Chief Information Security Officer (CISO)
Chapter 12: Responsibilities of a CISO
The SECCRRT to effective CISOs
Leading the psychology and cybersecurity integration
Shaping the organisation's psychological security posture
Getting security buy-in across the board
Chapter 13: Psychological toll on CISOs
Managing risk
Managing the executive team
Overcoming stress and building resilience
Chapter 14: Concluding remarks
Glossary