While technological solutions are being developed to enhance cyber security, there is increasing awareness that besides a technical approach the role of human performance, decision making and organizational culture are critical to increase the effectiveness of responses to evolving cyber threats. Hence, the focus of this paper is on the role of the human factors in cyber security. It presents an analysis of data from a Subject Matter Experts’ study carried out in Bulgaria in the end of 2018 in the framework of the project “Cyber security and opportunities for application of innovative technologies in the state administration of the Republic of Bulgaria.” The data was collected via online survey from 92 experts from the state administration, academia and business organizations.
The paper covers the following topics: 1) The most important issues in cyber security in Bulgaria and the role of the human factors among them; 2) Recruitment, Retention, Education & Training of IT personnel; 3) The human factors as a source of security breaches; and 4) Future research in the area of human factors in cyber security. Based on the analysis of the data, conclusions and recommendations are summarized regarding the ways to change the role of the human factor from the system’s “weakest link” to a powerful resource to detect and mitigate cyber threats.
This paper is included in the program of DIGILIENCE 2019 and will be published in the post-conference volume.