ACCOUNTING FOR THE IMPACT OF THE HUMAN FACTOR IN CYBER SECURITY MODELS
I. L. Karpova, A. V. Kurilov, A. F. Suprun, L. A. Ivanova St. Petersburg State Maritime Technical University, St. Petersburg Military Order of Zhukov Institute of National Guard Troops, Peter the Great St. Petersburg Polytechnic University (SPbPU)
Annotation: A comprehensive cybersecurity risk assessment is a complex multi-level task involving technical, software, external and human factors. As part of the development of a predictive model for assessing cybersecurity risks, characterization of the human factor is necessary to understand how the actions of information security specialists affect the risk of developing cybersecurity threats. The article discusses the concept of "reliability" in relation to the human factor in the cybersecurity system. It has two main components: innate characteristics, which are part of the personality, and situational characteristics, which are outside the personality. The use of reliability as a Human Factors parameter in a comprehensive cybersecurity risk assessment will also depend on an understanding of how different mental models and behavioral responses affect the level of trust placed in an information security professional and the biases that affect the ability to provide such trust.
Keywords: information security, cyber security model, information system reliability, human factor, cyber defense.