Effective Cyber Security Awareness Framework to Mitigate Human Factors in Social Engineering Attacks Post Covid 19

Abstract

The rapid digital transformations accelerated by the Covid-19 pandemic has made it crucial to comprehend the impact of human factors on cyber vulnerabilities, particularly social engineering attacks. This research aims to bridge the gap between theoretical understanding and designing a practical cyber security awareness framework tailored to mitigate the human vulnerabilities in social engineering attacks, particularly in the post-COVID-19 landscape. The initial literature review identified a gap in addressing human psychological vulnerabilities in the current cybersecurity awareness programmes. An effective cyber security awareness framework was designed leveraging insights from international standards to understand popular social engineering attacks, analyse human psychological vulnerabilities to these threats, and map out comprehensive cybersecurity controls. Quantitatively measuring the framework's effectiveness by gathering primary data through a survey revealed the transformative potential of integrating the mitigation of psychological principles into cyber strategies. When qualitatively compared with existing frameworks by implementing the framework in two use cases, the proposed framework’s comprehensive focus on the human element while maintaining alignment with international standards distinguishes its potential to mitigate social engineering threats. Incorporating the human factor into cybersecurity strategies is crucial, which is imperative for protecting against the progressively increased reliance on digital communication.