Cybersecurity insights gleaned from world religions

Renaud, Karen and Dupuis, Marc (2023) Cybersecurity insights gleaned from world religions. Computers and Security, 132. 103326. ISSN 0167-4048 (https://doi.org/10.1016/j.cose.2023.103326)

Preview

Text. Filename: Renaud_Dupuis_CS_2023_Cybersecurity_insights_gleaned_from_world_religions.pdf Final Published Version License: Download (2MB)| Preview

Abstract

Organisations craft and disseminate security policies, encoding the actions they want employees to take to preserve and protect organisational information resources. They engage in regular cybersecurity awareness and training drives to ensure that employees know what to do, and how to do it. Despite these efforts, employees make mistakes or do not comply with policy dictates, triggering cybersecurity incidents. The reality is that whereas cyber professionals propose, human nature disposes. In addressing this kind of conundrum, researchers suggest that it could be beneficial to learn from the established practices of other domains that also grapple with erratic human behaviours. This seems reasonable, given that cybersecurity is a relatively young field, and not yet particularly successful in accommodating human nature and fallibility, whereas other fields have years of experience coping with these kinds of problems. Here, we consider learning from religions, which have been around for millennia. The one aspect that all understand is human nature, and the tendency of humans to make mistakes and behave ill-advisedly, sometimes despite knowing better. Religions have developed a number of practices to accommodate human frailties, and to care for their adherents. This might well be a fruitful domain for cybersecurity professionals to learn from, in terms of harnessing effective mechanisms to encourage secure behaviours. To this end, we explored the literature on religions, and interviewed a number of religious leaders to produce a `vision for cybersecurity'. The vision was evaluated by cybersecurity professionals, its target audience. We provide our vision here, in the hope that it will launch a debate into a more equitable new era of `best practice' in the cybersecurity domain.

ORCID iDs

Renaud, Karen ORCID: https://orcid.org/0000-0002-7187-6531

• Share and Export
  

  RDF+XMLBibTeXRIOXX2 XMLRDF+N-TriplesJSONDublin CoreAtomSimple MetadataReferMETSHTML CitationASCII CitationOpenURL ContextObjectEndNoteOpenURL ContextObject in SpanMODSMPEG-21 DIDLEP3 XMLData Cite XMLRIS (EndNote Online, Zotero, Ref manager, etc)RDF+N3Multiline CSV
• Item metadata

  Item type:	Article
  ID code:	85704
  Dates:	Date Event 30 September 2023 Published 29 June 2023 Published Online 6 June 2023 Accepted
  Subjects:	Science > Mathematics > Electronic computers. Computer science > Other topics, A-Z
  Department:	Faculty of Science > Computer and Information Sciences
  Depositing user:	Pure Administrator
  Date deposited:	07 Jun 2023 10:10
  Last modified:	11 Nov 2024 13:58
  Related URLs:	Journal or Publication
  URI:	https://strathprints.strath.ac.uk/id/eprint/85704