Human Factors in Cyber Security: Social Engineering, Behavioural Aspects and Resilience Solutions

A special issue of Information (ISSN 2078-2489). This special issue belongs to the section "Information Security and Privacy".

Deadline for manuscript submissions: 30 November 2025 | Viewed by 2041

Special Issue Editors


E-Mail Website
Guest Editor
School of Computing and Information Science, Anglia Ruskin University, Cambridge CB1 1PT, UK
Interests: cybersecurity and cybercrime; human factors in cybersecurity; cyberpsychology; information security management; IIoT (industrial internet of things) and OT (operational technology) security; digital privacy

E-Mail Website
Guest Editor
Department of Computing, Worcester Business School, University of Worcester, Worcester WR1 3AS, UK
Interests: malware analysis and detection; intrusion detection; network security; Internet of Things (IoT) security; privacy enhancing technologies (PETs); connected/smart vehicles security; AI and information

E-Mail Website
Guest Editor
Department of Computing & Informatics, Faculty of Science & Technology, Bournemouth University, Poole BH12 5BB, UK
Interests: human factors; assistive technology; usability engineering; systems of systems
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

Cybersecurity is not merely a technical challenge; it is deeply intertwined with human behaviour and psychology. This Special Issue will focus on the critical roles played by human factors in the success of cyberattacks, including scams, social engineering, and phishing, as well as the psychological aftermath for individuals and organisations. It will also explore how understanding psychological factors can inspire innovative security and privacy protection solutions. We welcome submissions investigating how cognitive biases, decision-making processes, emotional states, and other human factors contribute to user susceptibility to cyber threats. Studies on the psychological manipulation techniques employed by attackers, the impacts of cyber incidents on mental health, and strategies to build user resilience against such threats are particularly encouraged. Additionally, research on leveraging psychological insights to develop human-centric security measures, including privacy-enhancing technologies and awareness programs, is highly relevant. This interdisciplinary Special Issue will advance knowledge at the intersection of psychology, cybersecurity, and technology. By addressing the human element in cyber risk, we will inform more effective defences and foster a safer digital ecosystem for users worldwide. Researchers, practitioners, and policymakers will benefit from the insights shared in this timely collection.

Dr. Hossein Abroshan
Dr. Nader Sohrabi Safa
Prof. Dr. Huseyin Dogan
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1800 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cyber threats
  • cybersecurity
  • human behaviour
  • cyberattack
  • security and privacy protection

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • Reprint: MDPI Books provides the opportunity to republish successful Special Issues in book format, both online and in print.

Further information on MDPI's Special Issue policies can be found here.

Published Papers (2 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

21 pages, 540 KiB  
Article
The Effect of Organizational Factors on the Mitigation of Information Security Insider Threats
by Nader Sohrabi Safa and Hossein Abroshan
Information 2025, 16(7), 538; https://doi.org/10.3390/info16070538 - 25 Jun 2025
Viewed by 229
Abstract
Insider threats pose significant challenges to organizations, seriously endangering information security and privacy protection. These threats arise when employees with legitimate access to systems and databases misuse their privileges. Such individuals may alter, delete, or insert data into datasets, sell customer or client [...] Read more.
Insider threats pose significant challenges to organizations, seriously endangering information security and privacy protection. These threats arise when employees with legitimate access to systems and databases misuse their privileges. Such individuals may alter, delete, or insert data into datasets, sell customer or client email addresses, leak strategic company plans, or transfer industrial and intellectual property information. These actions can severely damage a company’s reputation, result in revenue losses and loss of competitive advantage, and, in extreme cases, lead to bankruptcy. This study presents a novel solution that examines how organizational factors such as job satisfaction and security, organizational support, attachment, commitment, involvement in information security, and organizational norms influence employees’ attitudes and intentions, thereby mitigating insider threats. A key strength of this research is its integration of two foundational theories: the Social Bond Theory (SBT) and the Theory of Planned Behavior (TPB). The results reveal that job satisfaction and security, affective and normative commitment, information security training, and personal norms all contribute to reducing insider threats. Furthermore, the findings indicate that employees’ attitudes, perceived behavioral control, and subjective norms significantly influence their intentions to mitigate insider threats. However, organizational support and continuance commitment were not found to have a significant impact. Full article
Show Figures

Figure 1

17 pages, 1323 KiB  
Article
Digital Transformation in Governmental Public Service Provision and Usable Security Perception in Saudi Arabia
by Saqib Saeed
Information 2025, 16(3), 247; https://doi.org/10.3390/info16030247 - 19 Mar 2025
Cited by 2 | Viewed by 1015
Abstract
Usable security and privacy in public services are critical considerations in today’s digital age, where governments increasingly rely on technology to deliver services efficiently while safeguarding sensitive information. Successful usage of these electronic services depends on citizens’ trust level in e-government channels. Therefore, [...] Read more.
Usable security and privacy in public services are critical considerations in today’s digital age, where governments increasingly rely on technology to deliver services efficiently while safeguarding sensitive information. Successful usage of these electronic services depends on citizens’ trust level in e-government channels. Therefore, the design of these public service organizations should consider the usability aspect of security controls. In this paper, we present the results of a quantitative study conducted in Saudi Arabia to understand end users’ perceptions regarding usable security and privacy in their public service usage. Based on the findings, we present a model to further improve the usable security and privacy aspects, which will help policymakers and practitioners improve public service provision by electronic means. The model can be further refined in different geographical contexts to improve cybersecurity in e-government service provision through the integrated efforts of citizens, service-providing organizations and government cybersecurity agencies. Full article
Show Figures

Figure 1

Back to TopTop