Human factor, a critical weak point in the information security of an organization's Internet of things

Internet of Things (IoT) presents opportunities for designing new technologies for organizations. Many organizations are beginning to accept these technologies for their daily work, where employees can be connected, both on the organization's premises and the “outside”, for business continuity....

Descripción completa

Detalles Bibliográficos
Autores principales: Hughes-Lartey, Kwesi, Li, Meng, Botchey, Francis E., Qin, Zhen
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Elsevier 2021
Materias:
Research Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7980069/
https://www.ncbi.nlm.nih.gov/pubmed/33768182
http://dx.doi.org/10.1016/j.heliyon.2021.e06522
_version_ 1783667377105272832
author Hughes-Lartey, Kwesi
Li, Meng
Botchey, Francis E.
Qin, Zhen
author_facet Hughes-Lartey, Kwesi
Li, Meng
Botchey, Francis E.
Qin, Zhen
author_sort Hughes-Lartey, Kwesi
collection PubMed
description Internet of Things (IoT) presents opportunities for designing new technologies for organizations. Many organizations are beginning to accept these technologies for their daily work, where employees can be connected, both on the organization's premises and the “outside”, for business continuity. However, organizations continue to experience data breach incidents. Even though there is a plethora of researches in Information Security, there “seems” to be little or lack of interest from the research community, when it comes to human factors and its relationship to data breach incidents. The focus is usually on the technological component of Information Technology systems. Regardless of any technological solutions introduced, human factors continue to be an area that lacks the required attention. Making the assumption that people will follow expected secure behavioral patterns and therefore system security expectations will be satisfied, may not necessarily be true. Security is not something that can simply be purchased; human factors will always prove to be an important space to explore. Hence, human factors are without a doubt a critical point in Information Security. In this study, we propose an Organizational Information Security Framework For Human Factors applicable to the Internet of Things, which includes countermeasures that can help prevent or reduce data breach incidents as a result of human factors. Using linear regression on data breach incidents reported in the United States of America from 2009 to 2017, the study validates human factors as a weak-point in information security that can be extended to Internet of Things by predicting the relationship between human factors and data breach incidents, and the strength of these relationships. Our results show that five breach incidents out of the seven typified human factors to statistically and significantly predict data breach incidents. Furthermore, the results also show a positive correlation between human factors and these data breach incidents.
format Online
Article
Text
id pubmed-7980069
institution National Center for Biotechnology Information
language English
publishDate 2021
publisher Elsevier
record_format MEDLINE/PubMed
spelling pubmed-79800692021-03-24 Human factor, a critical weak point in the information security of an organization's Internet of things Hughes-Lartey, Kwesi Li, Meng Botchey, Francis E. Qin, Zhen Heliyon Research Article Internet of Things (IoT) presents opportunities for designing new technologies for organizations. Many organizations are beginning to accept these technologies for their daily work, where employees can be connected, both on the organization's premises and the “outside”, for business continuity. However, organizations continue to experience data breach incidents. Even though there is a plethora of researches in Information Security, there “seems” to be little or lack of interest from the research community, when it comes to human factors and its relationship to data breach incidents. The focus is usually on the technological component of Information Technology systems. Regardless of any technological solutions introduced, human factors continue to be an area that lacks the required attention. Making the assumption that people will follow expected secure behavioral patterns and therefore system security expectations will be satisfied, may not necessarily be true. Security is not something that can simply be purchased; human factors will always prove to be an important space to explore. Hence, human factors are without a doubt a critical point in Information Security. In this study, we propose an Organizational Information Security Framework For Human Factors applicable to the Internet of Things, which includes countermeasures that can help prevent or reduce data breach incidents as a result of human factors. Using linear regression on data breach incidents reported in the United States of America from 2009 to 2017, the study validates human factors as a weak-point in information security that can be extended to Internet of Things by predicting the relationship between human factors and data breach incidents, and the strength of these relationships. Our results show that five breach incidents out of the seven typified human factors to statistically and significantly predict data breach incidents. Furthermore, the results also show a positive correlation between human factors and these data breach incidents. Elsevier 2021-03-16 /pmc/articles/PMC7980069/ /pubmed/33768182 http://dx.doi.org/10.1016/j.heliyon.2021.e06522 Text en © 2021 The Authors http://creativecommons.org/licenses/by-nc-nd/4.0/ This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
spellingShingle Research Article
Hughes-Lartey, Kwesi
Li, Meng
Botchey, Francis E.
Qin, Zhen
Human factor, a critical weak point in the information security of an organization's Internet of things
title Human factor, a critical weak point in the information security of an organization's Internet of things
title_full Human factor, a critical weak point in the information security of an organization's Internet of things
title_fullStr Human factor, a critical weak point in the information security of an organization's Internet of things
title_full_unstemmed Human factor, a critical weak point in the information security of an organization's Internet of things
title_short Human factor, a critical weak point in the information security of an organization's Internet of things
title_sort human factor, a critical weak point in the information security of an organization's internet of things
topic Research Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7980069/
https://www.ncbi.nlm.nih.gov/pubmed/33768182
http://dx.doi.org/10.1016/j.heliyon.2021.e06522
work_keys_str_mv AT hugheslarteykwesi humanfactoracriticalweakpointintheinformationsecurityofanorganizationsinternetofthings
AT limeng humanfactoracriticalweakpointintheinformationsecurityofanorganizationsinternetofthings
AT botcheyfrancise humanfactoracriticalweakpointintheinformationsecurityofanorganizationsinternetofthings
AT qinzhen humanfactoracriticalweakpointintheinformationsecurityofanorganizationsinternetofthings

Ejemplares similares