Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
The human factor in cyber security
Cyber Security: A Peer-Reviewed Journal,
1
(4),
326-330
(2018)
Abstract
This paper explores the relationship between the need for industries to accelerate the digital transformation process and the need to fill the cultural gap that separates knowledge of digital technology from appropriate cyber postures. The human factor in cyber security represents actions and events where human error results in successful hacks or data breach. Every year companies are implementing new security measures, adopting the latest technologies while forgetting that most breaches can be traced back to human error. Failing on that task may compromise all the defence-in-depth technologies in which organisations are investing. So how should we address this issue and what should organisations do? To this end, the paper discusses implementation of technical and administrative procedures.
Keywords: human factor; cyber psychology; GDPR; digital transformation; PSD2; security
The full article is available to subscribers to the journal.
Author's Biography
Nicola Sotira is an Information Security Officer at Poste Italiane with responsibility for cyber security and CERT (Computer Emergency Response Team). He has also been Director-General of the Global Cyber Security Foundation GCSEC since 2016. He has worked in the field of information security and networks for more than 20 years, with experience in international environments. In the area of security he has been involved in encryption design and network security, as well as working with complex infrastructures such as mobile and 3G networks. He has been a member of the Association for Computing Machinery (ACM) since 2004 and promoter of technological innovation, collaborating with several start-ups in Italy and abroad. Since 2014 he has been a member of Startup Italy, with companies participating in the development and design of services in the mobile sector. He has also collaborated with Oracle Security Council. Since 2005 he has taught security on the Master‘s in Network Security of Sapienza University. He has contributed articles to several magazines in the computer industry on issues related to security and legal technical aspects.
