This book takes a fresh look at the underappreciated role of human psychology in cybersecurity and information technology management. It discusses the latest insights from practice and scholarly work on the role of cognitive bias and human factors in critical decisions that could affect the lives of many people.
Written by an experienced chief information security officer (CISO) and an academic with over two decades of lived experience dealing with cybersecurity risks, this book considers the psychological drivers and pitfalls of the four key personas in cybersecurity – from hackers and defenders, to targeted individuals and organisational leaders. It bridges state-of-the-art research findings with real-world examples and case studies to show how understanding the psychological factors in cybersecurity can help people protect themselves and their organisations better.
Full of advice on security best practices that consider the human element of cybersecurity, this book will be of great interest to professionals and managers in the cybersecurity domain, information technology, and governance and risk management. It will also be relevant to students and those aspiring to grow in this field.
By:
Tarnveer Singh,
Sarah Y. Zheng
Imprint: Routledge
Country of Publication: United Kingdom
Dimensions:
Height: 234mm,
Width: 156mm,
Weight: 500g
ISBN: 9781041005711
ISBN 10: 1041005717
Series: Current Issues in Cyberpsychology
Pages: 172
Publication Date: 29 August 2025
Audience:
College/higher education
,
Professional and scholarly
,
Primary
,
Undergraduate
Format: Hardback
Publisher's Status: Active
Foreword Part 1: Enter the world of cybercrime Chapter 1: Most cybercriminals are made, not born Chapter 2: Hackers: the good, the bad and the ugly Hacktivism Once a hacker, always a hacker? Notorious hackers Interviews with real-life cybercriminals Chapter 3: How an attack is devised Selecting targets Skills that make attacks succeed Social engineering attacks: hacking people’s minds Ransomware attacks Exploiting misconfigurations Chapter 4: Special cases Insider threats Whistleblowers Third party and supply-chain risks Impact of cyber-attacks on trust Part 2: Inside the line of defence Chapter 5: Operational cybersecurity context Pressures of the job Cybersecurity needs diversity Why work in cybersecurity Chapter 6: Human fallacies and how to overcome them Biases affecting threat analysis Biases affecting risk management Chapter 7: Operational resilience relies on adequate cybersecurity People Processes Technology Business continuity Chapter 8: Organisational psychology Chapter 9: Improving organisational cybersecurity Good governance Better training and education Security by design Organisational cybersecurity culture Cybersecurity champions Nudge programs Situational crime prevention Part 3: The target´s perspective Chapter 10: Psychology applied in cybersecurity Opening the black box Brains: natural prediction machines Chapter 11: How we take the bait Technical people have human brains too Know yourself to protect yourself Part 4: The Psychology of a Chief Information Security Officer (CISO) Chapter 12: Responsibilities of a CISO The SECCRRT to effective CISOs Leading the psychology and cybersecurity integration Shaping the organisation´s psychological security posture Getting security buy-in across the board Chapter 13: The psychological toll on CISOs Managing risk Managing the executive team Overcoming stress and building resilience Chapter 14: Concluding remarks Glossary
Tarnveer Singh is an award‑winning Chief Information Security Officer with decades of security experience across a wide range of sectors. He is Director (Security and Compliance) at Cyber Wisdom Ltd, an Information Security and Compliance Consultancy, helping clients to address security threats affecting their business. He is also a Fellow of the Chartered Institute of Information Security and a Chartered IT Professional with the British Computer Society. Sarah Y. Zheng, PhD, is a neuropsychologist investigating emerging crime and security risks from technological advances. Through her research, she helps organisations become more resilient to phishing attacks and improve people’s awareness of new (cyber)security threats. Before returning to academia, she developed AI applications and worked in data science for financial, retail, and government institutes. With her unique understanding of both people and technology, her mission is to protect the human element in technology.
