Forensic Socio-Psychological and Criminological Research Center | THEMIS

progetti e ricerche themis new header

Building Organizational Risk Culture in Cyber Security: The Role of Human Factors

By Isabella Corradini and Enrico Nardelli

Experts stress the importance of human beings in cyber security prevention strategies, given that people are often considered the weakest link in the chain of security. In fact, international reports analyzing cyber-attacks confirm the main problem is represented by people’s actions, e.g. opening phishing mail and unchecked attached files, giving sensitive information away through social engineering attacks. We are instead convinced that employees, if well-trained, are the first defense line in the organization. Hence, in any cyber security educational plan, the first required step is an analysis of people’s risks perception, in order to develop a tailor-made training program. In this paper we describe the result of a two-stage survey regarding risk perception in a sample of 815 employees working in a multinational company operating in the financial sector. The results highlight the need of a strong organization’s risk culture to manage cyber security in an efficient way.

In Proceedings of the AHFE 2018 International Conference on Human Factors in Cybersecurity, July 21-25, 2018, Orlando, Florida, USA

Additional Info

  • Anno/Year: 2018

Projects and Research

Projects and ResearchProjects and Research

Themis Center carries out research and studies in the fields of psychology, sociology, del law, criminology, health and safety at work, business security, communication.

Themis editions - italian only

Themis editions - italian onlyThemis editions - italian only

Themis Center produces specialized publishing products in the fields of psychology, sociology, law, criminology, health and safety at work, security, communications.

Seminars and Workshops

Seminars and WorkshopsSeminars and Workshops

Themis Center is a partner of qualified structures for training activities and specialized seminars. Topics include: psychology, criminology, security (safety, security and cybersecurity), risk and security communication.

logo themis footer

Themis - Forensic Socio-Psychological and Criminological Research Center