{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,21]],"date-time":"2026-04-21T04:31:36Z","timestamp":1776745896430,"version":"3.51.2"},"reference-count":45,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2022,7,22]],"date-time":"2022-07-22T00:00:00Z","timestamp":1658448000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JCP"],"abstract":"<jats:p>This article identifies human factors in workplaces that contribute to the challenges faced by cybersecurity leadership within organizations and discusses strategic communication, human\u2013computer interaction, organizational factors, social environments, and security awareness training. Cybersecurity does not simply focus on information technology systems; it also considers how humans use information systems and susceptible actions leading to vulnerabilities. As cyber leaders begin to identify human behavior and processes and collaborate with individuals of the same mindset, an organization\u2019s strategy can improve substantially. Cybersecurity has been an expanding focal point from the viewpoint of human factors. Human inaccuracy can be unintentional due to an inaccurate strategic implementation or accurate unsatisfactory plan implementation. A systematic literature review was conducted to realize unintentional human factors in cybersecurity leadership. The results indicate that humans were the weakest link during the transmission of secure data. Furthermore, specific complacent and unintentional behaviors were observed, enabled by the ignorance of leaders and employees. Therefore, the enforcement of cybersecurity focuses on education, awareness, and communication. A research agenda is outlined, highlighting a further need for interdisciplinary research. This study adopts an original approach by viewing security from a human perspective and assessing how people can reduce cybersecurity incidents.<\/jats:p>","DOI":"10.3390\/jcp2030029","type":"journal-article","created":{"date-parts":[[2022,7,22]],"date-time":"2022-07-22T12:53:45Z","timestamp":1658494425000},"page":"573-586","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":62,"title":["Addressing Human Factors in Cybersecurity Leadership"],"prefix":"10.3390","volume":"2","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1325-9508","authenticated-orcid":false,"given":"William J.","family":"Triplett","sequence":"first","affiliation":[{"name":"Department of Cybersecurity Leadership, Capitol Technology University, 11301 Springfield Road, Laurel, MD 20708, USA"}]}],"member":"1968","published-online":{"date-parts":[[2022,7,22]]},"reference":[{"key":"ref_1","unstructured":"Parenty, T.J., and Domet, J.J. (2019). A Leader\u2019s Guide to Cybersecurity: Why Boards Need to Lead\u2014And How to do, Harvard Business Review Press."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"371","DOI":"10.1007\/s10111-021-00683-y","article-title":"Leveraging human factors in cybersecurity: An integrated methodological approach","volume":"24","author":"Pollini","year":"2021","journal-title":"Cogn. Technol. Work"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"425","DOI":"10.1016\/j.cose.2005.07.002","article-title":"The human factor in security","volume":"24","author":"Schultz","year":"2005","journal-title":"Comput. Sec."},{"key":"ref_4","unstructured":"Burkhead, R.L. (2014). A Phenomenological Study of Information Security Incidents Experienced by Information Security Professionals Providing Corporate Information Security Incident Management. [Doctoral Dissertation, Capella University]. Available online: https:\/\/www.proquest.com\/openview\/99b9a26ae6ba188163d5aab0e10b7ddb\/1?pq-origsite=gscholar&cbl=18750."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Van-Zadelhoff, M. (2016). The biggest cybersecurity threats are inside your company. Harv. Bus. Rev., 19.","DOI":"10.1016\/S1361-3723(16)30063-X"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Corradini, I. (2020). Building a Cybersecurity Culture in Organizations: How to Bridge the Gap between People and Digital Technology, Springer Nature.","DOI":"10.1007\/978-3-030-43999-6"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"424","DOI":"10.1016\/j.sbspro.2014.07.133","article-title":"The human factor of information security: Unintentional damage perspective","volume":"147","author":"Metalidou","year":"2014","journal-title":"Procedia Soc. Behav. Sci."},{"key":"ref_8","first-page":"329","article-title":"Main human factors affecting information system security","volume":"5","author":"Soltanmohammadi","year":"2013","journal-title":"Interdiscip. J. Contemp. Res. Bus."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Jeong, J., Mihelcic, J., Oliver, G., and Rudolph, C. (2019, January 12\u201314). Towards an Improved Understanding of Human Factors in Cybersecurity. Proceedings of the IEEE 5th International Conference on Collaboration and Internet Computing, Los Angeles, CA, USA.","DOI":"10.1109\/CIC48465.2019.00047"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Khan, N., Houghton, J.R., and Sharples, S. (2021). Understanding factors that influence unintentional insider threat: A framework to counteract unintentional risks. Cogn. Technol. Work, 1\u201329.","DOI":"10.1007\/s10111-021-00690-z"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Glaspie, H.W., and Karwowski, W. (2017). Human Factors in Information Security Culture: A Literature Review. International Conference on Applied Human Factors and Ergonomics, Springer.","DOI":"10.1007\/978-3-319-60585-2_25"},{"key":"ref_12","first-page":"12","article-title":"An analysis on the dimensions of information security culture concept: A review","volume":"44","author":"Nasir","year":"2019","journal-title":"J. Inf. Sec. Appl."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"55","DOI":"10.1080\/19393555.2019.1643956","article-title":"A dimension-based information security culture model and its relationship with employees\u2019 security behavior: A case study in Malaysian higher educational institutions","volume":"28","author":"Nasir","year":"2019","journal-title":"Inf. Sec. J. Glob. Perspect."},{"key":"ref_14","first-page":"109","article-title":"Developing a cyber security culture: Current practices and future needs","volume":"9","author":"Uchendu","year":"2021","journal-title":"Comput. Sec."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"744","DOI":"10.3389\/fpsyg.2018.00744","article-title":"The future cybersecurity workforce: Going beyond technical skills for successful cyber performance","volume":"9","author":"Dawson","year":"2018","journal-title":"Front. Psychol."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1108\/JSIT-02-2018-0028","article-title":"Human factor security: Evaluating the cybersecurity capacity of the industrial workforce","volume":"21","author":"Ani","year":"2019","journal-title":"J. Sys. Info. Technol."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"437","DOI":"10.1016\/j.chb.2016.12.040","article-title":"Gender difference and employees\u2019 cybersecurity behavior","volume":"69","author":"Anwar","year":"2017","journal-title":"Comput. Hum. Behav."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"13","DOI":"10.1016\/j.ijinfomgt.2018.10.017","article-title":"Investigating the impact of cybersecurity policy awareness on employees\u2019 cybersecurity behavior","volume":"45","author":"Li","year":"2019","journal-title":"Int. J. Inform. Manag."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Jajodia, S., Shakarian, P., Subrahmanian, V., Swarup, V., and Wang, C. (2015). The Human Factor in Cybersecurity: Robust & Intelligent Defense. Advances in Information Security, Springer. Cyber Warfare.","DOI":"10.1007\/978-3-319-14039-1"},{"key":"ref_20","first-page":"14","article-title":"Critical success factors for cyber security leaders: Not just technical competence","volume":"39","author":"Klimoski","year":"2016","journal-title":"People Strategy"},{"key":"ref_21","unstructured":"Richards, K. (2014). Has the CISO role changed under the spotlight?. Inf. Secur. Mag., 56."},{"key":"ref_22","first-page":"52","article-title":"A survey of cyber security management in industrial control systems","volume":"9","author":"Knowles","year":"2015","journal-title":"Int. J. Crit. Infr. Prot."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"M\u00f6ller, D.P.F. (2020). Cybersecurity Leadership. Cybersecurity in Digital Transformation, Springer. Springer Briefs on Cyber Security Systems and Networks.","DOI":"10.1007\/978-3-030-60570-4"},{"key":"ref_24","unstructured":"Spidaleri, E., and Kern, S. (2022, July 06). Pell Center for International Relations and Public Policy. Available online: www.salve.edu\/pellcenter."},{"key":"ref_25","unstructured":"Cleveland, S., and Cleveland, M. (2018). Towards cybersecurity leadership framework. Proc. MWAIS, 49, Available online: https:\/\/www.semanticscholar.org\/paper\/Toward-Cybersecurity-Leadership-Framework-Cleveland-Cleveland\/ce3cbe0986768fd04361214cdb8a094dd7d4323c."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"112","DOI":"10.69554\/KXJH6961","article-title":"What good cyber resilience looks like","volume":"7","author":"Hult","year":"2014","journal-title":"J. Bus. Contin. Emerg. Plan."},{"key":"ref_27","unstructured":"Burrell, D.N., Aridi, A.S., and Nobles, C. (2022, July 06). The critical needfor formal leadership development programs for cybersecurity and information technology professionals. Int. J. Cyber Warf. Secur., Available online: https:\/\/www.proquest.com\/openview\/12cbf1c24ddb996f0f01a81fd12f4a4d\/1?pq-origsite=gscholar&cbl=396500."},{"key":"ref_28","unstructured":"Rotherberger, K.E. (2016). A Quantitative Study of Perceptions about Leadership Competencies of IT Project Managers. [Ph.D. Thesis, Cappella University]."},{"key":"ref_29","unstructured":"Hasib, M. (2013). Impact of Security Culture on Security Compliance in Healthcare in the USA. Tomorrow\u2019s Strategy Today, CreateSpace."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Munn, Z., Peters, M.D., Stern, C., Tufanaru, C., McArthur, A., and Aromataris, E. (2018). Systematic Review or scoping review? Guidance for authors when choosing between a systematic or scoping review approach. BMC Med. Res. Methodol., 18.","DOI":"10.1186\/s12874-018-0611-x"},{"key":"ref_31","first-page":"15","article-title":"How to write a systematic review of the literature","volume":"11","author":"Pati","year":"2018","journal-title":"Health Environ. Res. Des. J."},{"key":"ref_32","first-page":"82","article-title":"Cyber security awareness, knowledge and behavior: A comparative study","volume":"62","author":"Zwilling","year":"2022","journal-title":"J. Comput. Inf. Syst."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Aldawood, H., and Skinner, G. (2018, January 4\u20137). Educating and raising awareness on Cyber Security Social Engineering: A literature review. Proceedings of the I.E.E.E. International Conference on Teaching, Assessment, and Learning for Engineering (TALE), Wollongong, Australia.","DOI":"10.1109\/TALE.2018.8615162"},{"key":"ref_34","first-page":"71","article-title":"Botching human factors in cybersecurity in business organizations","volume":"9","author":"Nobles","year":"2018","journal-title":"J. Bus. Public Admin."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"1242","DOI":"10.1108\/IMDS-12-2018-0546","article-title":"Human factors in information leakage: Mitigation strategies for information sharing integrity","volume":"119","author":"Wong","year":"2019","journal-title":"Ind. Manag. Data Syst."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Williams, C., Hodgetts, H.M., Morey, C., Macken, B., Jones, D.M., Zhang, Q., and Morgan, P.L. (2020). Human error in information security: Exploring the role of interruptions and multitasking in Action slips. Commun. Comput. Inf. Sci., 622\u2013629.","DOI":"10.1007\/978-3-030-50732-9_80"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Maalem Lahcen, R.A., Caulkins, B., Mohapatra, R., and Kumar, M. (2020). Review and insight on the behavioral aspects of cybersecurity. Cybersecurity, 3.","DOI":"10.1186\/s42400-020-00050-w"},{"key":"ref_38","first-page":"51","article-title":"Human factors in cybersecurity","volume":"2","author":"Kadena","year":"2021","journal-title":"Sec. Sci. J."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1016\/S1361-3723(21)00054-3","article-title":"Insider attacks: Human-factors attacks and mitigation","volume":"5","author":"Abulencia","year":"2021","journal-title":"Comput. Fraud Sec."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Nifakos, S., Chandramouli, K., Nikolaou, C.K., Papachristou, P., Koch, S., Panaousis, E., and Bonacina, S. (2021). Influence of human factors on cyber security within healthcare organisations: A systematic review. Sensors, 21.","DOI":"10.3390\/s21155119"},{"key":"ref_41","unstructured":"Rahman, T., Rohan, R., Pal, D., and Kanthamanon, P. (July, January 29). Human factors in cybersecurity: A scoping review. Proceedings of the 12th International Conference on Advances in Information Technology, Bangkok, Thailand."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"100454","DOI":"10.1016\/j.ijcip.2021.100454","article-title":"Cybersecurity professionals information sharing sources and networks in the U.S. Electrical Power Industry","volume":"34","author":"Randall","year":"2021","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Georgiadou, A., Mouzakitis, S., and Askounis, D. (2021). Detecting insider threat via a cyber-security culture framework. J. Comput. Inf. Syst., 1\u201311.","DOI":"10.1080\/08874417.2021.1903367"},{"key":"ref_44","unstructured":"Hadlington, L. (2021). The \u201chuman factor\u201d in Cybersecurity. Psychological and Behavioral Examinations in Cyber Security, IGI Global."},{"key":"ref_45","first-page":"350","article-title":"The human factor: Assessing individuals\u2019 perceptions related to cybersecurity","volume":"29","author":"Ramlo","year":"2021","journal-title":"Inf. Comput. Sec."}],"container-title":["Journal of Cybersecurity and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2624-800X\/2\/3\/29\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T23:55:14Z","timestamp":1760140514000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2624-800X\/2\/3\/29"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,7,22]]},"references-count":45,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2022,9]]}},"alternative-id":["jcp2030029"],"URL":"https:\/\/doi.org\/10.3390\/jcp2030029","relation":{},"ISSN":["2624-800X"],"issn-type":[{"value":"2624-800X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,7,22]]}}}