In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018)
Title: Human Factors in a Computable Cybersecurity Risk Model
Author(s): Sophie Williams, Damien Marriott
Keywords: Human factors, spear-phishing, computable risk model, semantics, cybersecurity
Abstract: Computable risk models are used for risk management in organisations to assess possible cybersecurity threats to the system and consider appropriate response options. These models might include humans, but usually do not contain information about how human factors have a role in information security. We describe the necessary aspects to consider when designing a framework for including human factors in a risk model, based on the example of a spear-phishing attack. Some key elements of this framework were implemented as a proof of concept using Chimera, a computable cybersecurity risk model.
Download count: 576
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.