The Human Factor in Cybersecurity: A Conceptual Model Integrating Cognitive Biases
摘要
This paper advances cybersecurity by proposing a cognitively grounded framework that explains how human biases and decision-making limitations contribute to security vulnerabilities. By first establishing a strong foundation in classical decision theory and then integrating insights from cyberpsychology, the study offers a nuanced model that not only identifies why users make risky choices, but also guides the design of adaptive interventions-such as serious games-that improve cognitive skills and reduce susceptibility to attacks. This dual-theoretical and empirical approach bridges the gap between technical defenses and human-centered security strategies, promoting more resilient digital behavior.