Argumentative Essay On Human Decision Making In Cyber Security
Task: Write an argumentative essay arguing about the topic “Human Decision making in Cyber Security”.
This argumentative essay argues about the topic “Human Decision making in Cyber security”. While there have been studies and research done that cyber security is very important and people should understand what to use and what not but there are still some arguments that shows that cyber security has also proved to be better in this generation. There is a lot of thoughtfulness given by the media over the problems that are surrounded by cyber security. The issues always happen due to people referring to cyber security. There is always a debate revolves around cyber security and this has even incepted a heat than light in most of the regions around the world (Strang, 2014). Humans are very much addicted to TV and internet these days. The decision making plays a very vital role for humans when it comes to what to use and what not to use on the internet. While there are pros of the internet, there are also so many negative things that come with this power.
The days of the humans are always filled with lots of decision taking like when one should wake up, when to eat, what to wear etc. Yet mostly these decisions are on the autopilot mode. We take them in fraction of seconds and do not think much about them (ForcePoint, 2019). These are based on human’s perceptions and intuitions. There are still a few decisions that require much more effort and one’s thinking to come to the end decision and overcome biases. As per Dr. Cunningham, understanding the security related biases or decision making is not just a tough task but also takes a lot of thinking before doing it. Threat analysis should be done well before doing anything that can cause issue for cyber security.
The argumentative essay examines the words of Schultz (2005) that there is a shortage of experts and also shortage of research that should have been done on the human’s factors and human errors with respect to cyber security and this should have been a very significant thing to do. He also says that there should always be an importance of adopting with the work atmosphere and the culture (Nobles, 2018). This way the employees can develop knowledge of engaging in work in the most productive manner and would possess appropriate security oriented behaviours. This results in the breaches in the security and that creates painful results for firms and causes situation of bankruptcy, customer dissatisfaction and losses in business. Studies used to develop this argumentative essay have found out that human mistakes in cyber security are one of the most vulnerable situations of any organization. The protection of the information is to be done by taking out any suitable solution and taking out solution is one of the most vital aspects of information security.
As per Alberchtsen( 2007), it has been noted in the argumentative essay that creating new policies for information security creates a culture in work dimensions where the workers are unwilling to avoid security controls for completing the tasks. It is required for the employees to increase and improve their knowledge with purpose for understanding the importance of information security (Albrechtsen, 2010). There are studies that show that humans take decisions that they have no knowledge about and this impacts the security a lot. For example: While there is absence of training, the users or the customers or even the workers makes their decision on the personal values they possess, as per VanZedlhoff (2016).
The research carried on this argumentative essay also examines the words of Evans, Maglaras, Ho &Janicke (2015) which signifies that the researchers showed that in the year 2014, there were 50% of cyber-attacks happened due to the human decision making and errors which was a 31% of increase from last year i.e. 2013.
However, the study used to develop this argumentative essay also outlines the number of aspects that influence the decision making in cyber security that leads the people to click on the emails sent to them. Majorly the email based cyber-attacks need the targeted user to open any link or the file for the attack to happen. A few of the attacks always rely on the exploitation kits and the software for attacking the systems but majorly there needs to be an involvement of the humans for executing the process or cyber-attacks. Such interactions with humans also enable macros for malicious codes to be run (Zorz, 2019). Many times it is very easy for people to blame their attacks on someone else. These cyber-attacks are knows as the phishing attacks. Nowadays emails are becoming more and more indistinguishable as to which mail is fake and which is an original one due to the attackers doing attacks from a trustful source like cloud services such a Google etc. It is even studied that the attackers try to mimic the routines of the businesses for making sure that they succeed in their attacks. For example: any user may feel doubtful of his email if it comes from a colleague late at night yet if it arrives in a working day, it can be treated as the secure mail and this type of mail has the potential of rolling the attack successfully. Most of the phishing attacks are made to look legitimate and original yet there are always solutions to every issue and so does this. Example: Emails that are unexpected are always urgent mails that required immediate viewing (Palmer, 2019). If the consumer doubts the mail, they can always contact the sender who sent that mail for making sure that it is the legitimate mail.
Following ways provided in this segment of argumentative essay can be adopted in order to stop the users from clicking on such links:
Knowledge of phishing techniques: Various phishing scams are being made day after day. If the person does not have the knowledge about such phishing techniques, anyone can fall for such attacks easily. Less information about the cyber security is also related to the human decision making. If there is no information about phishing, the humans are prone to make such errors (Dean & McDermot, 2017).
Thinking before clicking: It is completely okay and understandable when a person clicks on the links that are trustworthy. But the random mails are should always be checked and thought upon before clicking on it. There are mostly mails which start with “Dear Customer” written in them. This piece of information should always be known by the users.
Anti-phishing tools: For the security purposes, there are internet browsers which are customized with the anti-phishing tool bars. These tools run the complete check on the sites that are okay to open or not. They alert the customer or the user about it after checking and if still the user uses it, it becomes the responsibility of the user if any malware attacks the system (Phishing, 2019).
Security of the site: This is very important to be a little cautious about the information related to finances online. When one does the net banking or any type of financial payments online, the mails are sent for the information to be shared about the user. One should not click unnecessary mails sent by the banks always. Also, the sites that are to be opened would always start with Https.
The browsers updating: There are security patches that are released for the browsers that are popularly used by most of the users. These are always released due to the loopholes in the security. Hence, updating the browsers is important for being updated about the new updates about these attacks and phishing etc.
Pop-Ups: The windows that pop up in between the duration when a person is using the internet are always deceptive. Most often they are the attempts made for phishing for the users. Most of the pop ups gives the options of blocking up such types of pop ups (Store, 2019).
These days, there is a lot of scarcity of research based on human cantered cyber security framework that is created from the human centred design theory. Though, the company from cyber security focuses on the behaviour related risks in information security via a new example which is known as human centred cyber security. The argumentative essay examines that readings of ForcePoint (2018) that this type of security gives the basis for gaining the profound knowledge of human behaviour and the reasons to create particular decisions when communicating with computer systems. With no doubt, the human factor is actually a scientific field which is not fully utilized and valued when it comes to the security of the information and cyber security (Jalali, 2017). The involvement of the humans is very significant in information security for the firm’s leaders and for normal people too for continuing to avoid the psychology based analysis and behaviour in information security.
It can be concluded from the above analysis done in this argumentative essay that the human decision making is cyber security impacts the decision of the people in clicking on mails. The decisions of the humans can easily create errors in the system and attacks can happen (Ben-Asher & Gonzalez, 2015). Hence, the decisions of the humans can create a positive and negative impact both when it comes to cyber security. Knowledge is a very vital part of the human decision making. This essay focuses on the points that are related to the human decision making in cyber security. This essay emphasized on the points that should be applied or kept in mind if one wants to stay away from attacks that keep on happening these days. The data analysed in the context of this argumentative essay showed that there is always a 30% increase in the attacks every year. Hence, it can easily be concluded that human decisions are really important when it comes to cyber security.
Albrechtsen, E. (2010). Improving information security awareness and behaviour through dialogue, participation and collective reflection. Argumentative essay An intervention study. Computers & Security, 29(4), 432-445.
Ben-Asher, N., & Gonzalez, C. (2015). Effects of cyber security knowledge on attack detection. Computers in Human Behavior, 48, 51-61.
Dean, B., & McDermot, R. (2017). A Research Agenda to Improve Decision Making in Cyber Security Policy. Penn State Journal of Law & International Affairs, 5(1).
ForcePoint. (2019). Thinking About Thinking: Exploring Bias in Cybersecurity with Insights from Cognitive Science. Retrieved October 25, 2019, from https://www.forcepoint.com/sites/default/files/resources/files/report_thinking_about_thinking_cybersecurity_bias_en.pdf
Jalali, M. S. (2017). Decision Making and Biases in Cybersecurity Capability Development: Evidence from a Simulation Game Experiment. Retrieved October 25, 2019, from http://web.mit.edu/smadnick/www/wp/2017-16.pdf
Nobles, C. (2018). Botching Human Factors in Cybersecurity in Business Organizations. Holistica, 9(3), 71-88.
Palmer, D. (2019). Cybersecurity: 99% of email attacks rely on victims clicking links. argumentative essay Retrieved October 25, 2019, from https://www.zdnet.com/article/cybersecurity-99-of-email-attacks-rely-on-victims-clicking-links/
Phishing. (2019). 10 Ways To Avoid Phishing Scams. Retrieved October 25, 2019, from https://www.phishing.org/10-ways-to-avoid-phishing-scams
Store, S. (2019). 20 Phishing Statistics. Retrieved October 25, 2019, from https://www.thesslstore.com/blog/20-phishing-statistics-to-keep-you-from-getting-hooked-in-2019/
Strang, A. (2014). Human Factors of Cyber Attacks. Proceedings of the Human Factors and Ergonomics Society.
Zorz, Z. (2019). How human bias impacts cybersecurity decision making. Argumentative essay Retrieved October 25, 2019, from https://www.helpnetsecurity.com/2019/06/10/cybersecurity-decision-making/