Behind the Screen: Understanding the Human Firewall in Cybersecurity
Abstract
In recent years, the number of cyber threats has skyrocketed, and cybersecurity has become a top concern for many organizations. While historically, cybersecurity has been seen as a purely technical field focused on aspects such as securing networks properly and configuring firewalls, it is important to understand that in reality, cybersecurity is just as much a people-oriented field as it is a technical one. To truly improve our security posture, we must consider the human firewall. The reality is that both cybercriminals and cyber defenders are cut from the same cloth. Cybercriminals and professionals alike are often brilliant problem solvers, motivated by a strong desire to understand and navigate the complexities of computer networks. This paper aims to analyze the psychological similarities and differences between these two groups. While certain factors distinguish these groups, the line between them is very blurry, making it difficult to place individuals into rigid categories. It is important to recognize that individuals often fall somewhere along a spectrum between the stereotypical representations of white-hat and black-hat hackers. Ultimately, understanding the psychology behind cyber behavior isn’t purely an academic exercise. By understanding how digital citizens act, we can develop better methods for detecting cybercrime and rehabilitating potential offenders early on. While some initiatives like the UK’s Cyber Choices and the Netherlands’ Hack_Right already aim to address these issues, the insights from this research can strengthen these programs and expand their reach. Moreover, many parts of the world, including developed nations such as the United States, lack national programs specifically designed to rehabilitate young cyber offenders. This research provides novel ideas on how to structure potential programs so they are practical and effective. More than any technical tool, understanding the human factors underlying cybersecurity will be key to preparing the next generation of cyber defenders and addressing the massive shortage in the field. This research and its insights will be especially interesting and relevant to cybersecurity professionals, educators, law enforcement officials, and policymakers seeking to better the field of cybersecurity.