Haney, J.
(2023),
Users Are Not Stupid: Six Cyber Security Pitfalls Overturned, Cyber Security: A Peer-Reviewed Journal, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=935795
(Accessed September 14, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Users Are Not Stupid: Six Cyber Security Pitfalls Overturned
Published
Author(s)
Abstract
The skilled and dedicated professionals who strive to improve cyber security may unwittingly fall victim to misconceptions and pitfalls that hold customers and users back from reaching their full potential of being active partners in security. These pitfalls often reflect the cyber security community's dependence on technology and failure to fully appreciate the human element. This article offers cyber security professionals a primer so they can recognize and overcome six human element pitfalls in cyber security. Each pitfall is supported by real-world examples or findings from human-centered cyber security research. In addition to gaining an awareness of these pitfalls, readers will learn about specific strategies for how they can improve cyber security and empower users at all levels by addressing the human element in their organizations' cyber security products, decisions, processes, and policies.Citation
Cyber Security: A Peer-Reviewed Journal
Pub Type
Journals
Download Paper
Keywords
cybersecurity, usability, usable security, human element, users
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created March 16, 2023, Updated February 28, 2024