Human-Centric Cybersecurity: The Integration of Psychological Insights and Socio-Technical Systems
Keywords:
Human Factors; Socio-Technical Systems; Psychology; Behavioral Science; User-Centered Design; Security Culture.Abstract
As cyber threats continue to grow in sophistication and scale, it has become increasingly clear that traditional technology-focused cybersecurity approaches are insufficient on their own. This article advocates for a human-centric cybersecurity paradigm that integrates psychological insights and socio-technical systems thinking to address the complex interplay between human behavior, organizational culture, and technical infrastructure. Drawing on cognitive psychology, behavioral science, and systems engineering, the paper explored key human factors that influence security, such as cognitive limitations, social engineering susceptibility, and security fatigue. It examined the value of user-centered system design, adaptive security measures, and policy frameworks that align with real-world user behavior and organizational dynamics. Additionally, the article outlined a conceptual framework for human-centric cybersecurity and identified future research directions, including the quantification of cognitive biases, evaluation of gamified training, as well as embedding security metrics into organizational performance. Through the promotion of interdisciplinary collaboration and laying emphasis on the central role of human agents, this work aims to guide the development of more resilient, effective, and ethically grounded cybersecurity practices.
References
Ajzen, I. (1991). The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50(2), 179–211. https://doi.org/10.1016/0749-5978(91)90020-T
Arachchilage, N. A. G., and Love, S. (2014). Security awareness of computer users: A phishing threat avoidance perspective. Computers in Human Behavior, 38, 304–312. https://doi.org/10.1016/j.chb.2014.05.046
Beautement, A., Sasse, M. A., and Wonham, M. (2008). The compliance budget: Managing security behaviour in organisations. Proceedings of the 2008 New Security Paradigms Workshop, 47–58. https://doi.org/10.1145/1595676.1595684
Egelman, S., and Peer, E. (2015). Scaling the security wall: Developing a security behavior intentions scale (SeBIS). Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, 2873–2882. https://doi.org/10.1145/2702123.2702249
Ezeanyim, O. C., Okpala, C. C. and Igbokwe, B. N. (2005), “Precision Agriculture with AI-Powered Drones: Enhancing Crop Health Monitoring and Yield Prediction” International Journal of Latest Technology in Engineering, Management and Applied Science, vol. 14, iss. 3, https://doi.org/10.51583/IJLTEMAS.2025.140300020
Furnell, S., and Clarke, N. (2012). Power to the people? The evolving recognition of human aspects of security. Computers and Security, 31(8), 983–988. https://doi.org/10.1016/j.cose.2012.08.004
Godwin H. C. and Okpala C. C. (2013), “Ergonomic Assessment of Musculoskeletal Disorders From Load-Lifting Activities in Building Construction” International Journal of Advanced Engineering Technology, vol. v, iss. 4, http://www.technicaljournalsonline.com/ijeat/
Johnson, C., Ekstedt, M., and Lagerström, R. (2011). A conceptual model for integrating Socio-technical and software engineering practices in security. Proceedings of the 2011 International Conference on Availability, Reliability and Security, 155–162. https://doi.org/10.1109/ARES.2011.27
Kahneman, D. (2011). Thinking, Fast and Slow. Farrar, Straus and Giroux.
Norman, D. A. (2013). The design of everyday things: Revised and expanded edition. Basic Books.
Okpala, C. C. (2025a). Zero Trust Architecture in Cybersecurity: Rethinking Trust in a Perimeterless World. International Journal of Science, Engineering and Technology, vol. 13, iss. 4, https://www.ijset.in/wp-content/uploads/IJSET_V13_issue4_205.pdf
Okpala, C. C. (2025b). Quantum Computing and the Future of Cybersecurity: A Paradigm Shift in Threat Modeling. International Journal of Science, Engineering and Technology, vol. 13, iss. 4, https://www.ijset.in/wp-content/uploads/IJSET_V13_issue4_210.pdf
Okpala, C. C. (2025c). Cybersecurity Challenges and Solutions in Edge Computing Environments: Securing the Edge. International Journal of Science, Engineering and Technology, vol. 13, iss. 4, https://www.ijset.in/wp-content/uploads/IJSET_V13_issue4_206.pdf
Okpala, C. C., Udu, C. E. and Okpala, S. C. (2025a), “Big Data and Artificial Intelligence Implementation for Sustainable HSE Practices in FMCG” International Journal of Engineering Inventions, vol. 14, iss. 5, https://www.ijeijournal.com/papers/Vol14-Issue5/14050107.pdf
Okpala, C. C. and Udu, C. E. (2025a), “Autonomous Drones and Artificial Intelligence: A New Era of Surveillance and Security Applications” International Journal of Science, Engineering and Technology, vol. 13, iss. 2, https://www.ijset.in/wp-content/uploads/IJSET_V13_issue2_520.pdf
Okpala, S. C. and Okpala, C. C. (2024), “The Application of Artificial Intelligence to Digital Healthcare in the Nigerian Tertiary Hospitals: Mitigating the Challenges” Journal of Engineering Research and Development, vol. 20, iss. 4, http://ijerd.com/paper/vol20-issue4/20047681.pdf
Okpala, C. C. and Udu, C. E. (2025b), “Artificial Intelligence Applications for Customized Products Design in Manufacturing” International Journal of Multidisciplinary Research and Growth Evaluation, vol. 6, iss. 1, https://www.allmultidisciplinaryjournal.com/uploads/archives/20250212104938_MGE-2025-1-307.1.pdf
Okpala, C. C., Udu, C. E. and Nwamekwe, C. O. (2025b), “Artificial Intelligence-Driven Total Productive Maintenance: The Future of Maintenance in Smart Factories” International Journal of Engineering Research and Development, vol. 21, iss. 1, https://ijerd.com/paper/vol21-issue1/21016874.pdf
Okpala, C. C., Igbokwe, N. C. and Nwankwo, C. O. (2023a), “Revolutionizing Manufacturing: Harnessing the Power of Artificial Intelligence for Enhanced Efficiency and Innovation” International Journal of Engineering Research and Development, vol. 19, iss. 6, http://www.ijerd.com/paper/vol19-issue6/C19061825.pdf
Okpala, C. C., Ezeanyim, O. C. and Igbokwe, N. C. (2023b), “Human-Robot Interaction Enhancement Through Ergonomics and Human Factors: Future Directions” International Journal of Engineering Research and Development, vol. 19. Iss. 6, http://www.ijerd.com/paper/vol19-issue6/E19063440.pdf
Okpala C. C., and Ihueze C. C. (2017), “Ergonomics Improvements in a Paint Manufacturing Company” International Research Journal of Engineering and Technology Vol. 04, Iss. 10, https://www.irjet.net/archives/V4/i10/IRJET-V4I10360.pdf
Okpala, C. C., Udu, C. E. and Ejichukwu, E. O. (2025a), “The Need for Ergonomics and Safety in Automated Manufacturing Environments” International Journal of Multidisciplinary Research and Growth Evaluation, vol. 6, iss. 3, https://www.allmultidisciplinaryjournal.com/uploads/archives/20250508172255_MGE-2025-3-046.1.pdf
Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., and Jerram, C. (2010). Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q). Computers and Security, 33(1), 112–123.
Rogers, R. W. (1975). A protection motivation theory of fear appeals and attitude change. The Journal of Psychology, 91(1), 93–114. https://doi.org/10.1080/00223980.1975.9915803
Sasse, M. A., Brostoff, S., and Weirich, D. (2001). Transforming the 'weakest link'—A human/computer interaction approach to usable and effective security. BT Technology Journal, 19(3), 122–131. https://doi.org/10.1023/A:1011902718709
Schlienger, T., and Teufel, S. (2003). Information security culture—from analysis to change. Proceedings of the 3rd Annual Conference on Security and Protection of Information, 95–105.
Simon, H. A. (1955). A behavioral model of rational choice. The Quarterly Journal of Economics, 69(1), 99–118.
Sweller, J. (1988). Cognitive load during problem solving: Effects on learning. Cognitive Science, 12(2), 257–285. https://doi.org/10.1207/s15516709cog1202_4
Trist, E. L., and Bamforth, K. W. (1951). Some social and psychological consequences of the longwall method of coal-getting. Human Relations, 4(1), 3–38. https://doi.org/10.1177/001872675100400101
Verizon. (2023). 2023 Data Breach Investigations Report. https://www.verizon.com/business/resources/reports/dbir/
West, R. (2008). The psychology of security. Communications of the ACM, 51(4), 34–40. https://doi.org/10.1145/1330311.1330320
Winkler, I., and Gomes, K. (2022). Human Factors in Cybersecurity: A Research Agenda. Springer.
