Understanding the Last Line of Defense: Human Response to Cybersecurity Events.

Cybersecurity in consumer, corporate, and military settings, continues to be a growing concern in the modern and technologically driven world. As Wiederhold (2014) puts it, “the human factor remains the security’s weakest link in cyberspace.” A literature review related to human response to cybersecurity events reveals three phases involved in the cybersecurity response process, including: (1) Susceptibility, the phase preceding an event, which primarily encompasses behaviors that impact vulnerability to a cybersecurity event; (2) Detection of the event when it occurs; and (3) Response to the event after it occurs. In order for an individual to effectively protect themselves and their organizations from cybersecurity breaches, they must understand and be sensitive to the susceptibility of their devices, and when a potential breach occurs, must exhibit rapid and effective response. The goal of this effort was to examine the human factors surrounding non-expert response to a cybersecurity vulnerability or event and create a framework based on the literature. Recommendations for what steps can be taken to better prepare individuals to respond to cyber events is provided.