The human firewall: Mitigating ransomware risks in critical infrastructures through human-centric approaches
Author Identifier
Avisen Moonsamy: https://orcid.org/0009-0001-0352-6134
Mohiuddin Ahmed: https://orcid.org/0000-0002-4559-4768
Oliver Guidetti: https://orcid.org/0000-0002-4235-4259
Bazlur Rashid: https://orcid.org/0000-0002-8672-5023
Document Type
Book Chapter
Publication Title
Ransomware Evolution
First Page
192
Last Page
207
Publisher
Taylor & Francis
School
School of Science
RAS ID
77608
Abstract
In an increasingly sophisticated era of cyber threats, ransomware attacks on critical infrastructures have become a prevalent and disruptive force. This chapter, "The Human Firewall: Mitigating Ransomware Risks in Critical Infrastructures through Human-Centric Approaches," delves into the often-overlooked human element of cybersecurity. It provides a holistic examination of how cyber adversaries exploit human vulnerabilities and how reinforcing human vigilance can be decisive in combating ransomware threats. While technological defences are essential, the role of human behaviour and awareness in preventing such attacks is equally critical. This chapter begins with a compelling introduction to the role of human factors in cybersecurity, emphasising that human errors or oversights are often the weakest links in security chains. It proceeds with a literature review, citing key studies that underscore the susceptibility of individuals to cyber threats, particularly within environments as sensitive as critical infrastructures. In exploring the intersection of ransomware and human error, the chapter carefully dissects various incidents where ransomware attacks have been successful primarily due to human fallibility, revealing patterns and tactics used by attackers, such as phishing, social engineering, and psychological manipulation to breach defences. The heart of the chapter lies in its in-depth analysis of mitigation strategies. It discusses innovative approaches to cybersecurity training, focusing on not just the impartation of knowledge but also the shaping of behaviours and mindsets. Organizations can transform their workforce into a robust human firewall by fostering a proactive security culture and implementing continuous awareness programs. The recommendations section bridges theory and practice, offering actionable strategies integrating the human factor into cybersecurity frameworks. It advocates for a synergistic approach that combines technical safeguards with human-centric measures to create a resilient defence against ransomware. An action plan is also proposed, outlining immediate and long-term steps for organisations to bolster their human firewalls, providing pragmatic steps to enhance their cybersecurity posture. From employee training modules to behavioural analytics and regular security drills, the plan presents a comprehensive roadmap for cultivating the human firewall - an essential layer in safeguarding critical infrastructures from the ever-evolving menace of ransomware. This chapter concludes by emphasising that investing in the human aspects of cybersecurity is not just a tactical choice but a strategic necessity to fortify critical infrastructures against the escalating tide of ransomware attacks.
DOI
10.1201/9781003469506-14
Access Rights
subscription content
Comments
Moonsamy, A., Ahmed, M., Guidetti, O., & Rashid, B. The human firewall: Mitigating ransomware risks in critical infrastructures through human-centric approaches. In Ransomware evolution (pp. 192-207). CRC Press. https://doi.org/10.1201/9781003469506-14