ju.se
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Design principles for cognitively accessible cybersecurity training
Jönköping University, School of Engineering, JTH, Department of Computer Science and Informatics.ORCID iD: 0000-0003-2084-9119
University of Skövde, Skövde, Sweden.
University of Skövde, Skövde, Sweden.
2024 (English)In: Computers & Security, ISSN 0167-4048, E-ISSN 1872-6208, Vol. 137, article id 103630Article in journal (Refereed) Published
Abstract [en]

Exploiting human behavior to gain unauthorized access to computer systems has become common practice for modern cybercriminals. Users are expected to adopt secure behavior to avoid those attackers. This secure behavior requires cognitive processing and is often seen as a nuisance which could explain why attacks exploiting user behavior continues to be a fruitful approach for attackers. While adopting secure behavior can be difficult for any user, it can be even more difficult for users with cognitive disabilities. This research focuses on users with cognitive disabilities with the intent of developing design principles for the development of cognitively accessible cybersecurity training. The target group is estimated to include almost 10 % of all users but is previously understudied. The results show that the target group experience cybersecurity as cognitively demanding, sometimes to a degree that becomes incapacitating. Participating in cybersecurity training requires cognitive energy which is a finite resource. Cognitively accessible cybersecurity training requires a minimalist design approach and inclusion of accessibility functions. A minimalist design approach, in this case, means that both informative and design elements should be kept to a minimum. The rationale is that all such elements require cognitive processing which should be kept to a minimum.
Place, publisher, year, edition, pages
Elsevier, 2024. Vol. 137, article id 103630
Keywords [en]
Cybersecurity training, Cognitive accessibility, Accessible security, Usable security, Cybersecurity training design
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:hj:diva-63008DOI: 10.1016/j.cose.2023.103630ISI: 001134538700001Scopus ID: 2-s2.0-85178635646Local ID: HOA;;919557OAI: oai:DiVA.org:hj-63008DiVA, id: diva2:1817814
Funder
The Swedish Post and Telecom Authority (PTS), 19-10617Available from: 2023-12-07 Created: 2023-12-07 Last updated: 2025-01-21Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Kävrestad, Joakim

Search in DiVA

By author/editor
Kävrestad, Joakim
By organisation
JTH, Department of Computer Science and Informatics
In the same journal
Computers & Security
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 113 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.45.0
|
WCAG
|
Jönköping University
|
Jönköping University Library