The Psychology of Information Security: Resolving Conflicts Between Security Compliance and Human Behaviour

  • 2h 11m 44s
  • Leron Zinatullin
  • IT Governance
  • 2019

In today’s corporations, information security professionals have a lot on their plate. In the face of constantly evolving cyber threats, they must comply with numerous laws and regulations, protect their company’s assets and mitigate risks to the furthest extent possible.

Security professionals can often be ignorant of the impact that implementing security policies in a vacuum can have on the end users’ core business activities. These end users are, in turn, often unaware of the risk they are exposing the organisation to. They may even feel justified in finding workarounds because they believe that the organisation values productivity over security. The end result is a conflict between the security team and the rest of the business, and increased, rather than reduced, risk.

In this Audiobook

  • Chapter 1 - Introduction to Information Security
  • Chapter 2 - Risk Management
  • Chapter 3 - The Complexity of Risk Management
  • Chapter 4 - Stakeholders and Communication
  • Chapter 5 - Information Security Governance
  • Chapter 6 - Problems with Policies
  • Chapter 7 - How Security Managers Make Decisions
  • Chapter 8 - How Users Make Decisions
  • Chapter 9 - Security and Usability
  • Chapter 10 - Security Culture
  • Chapter 11 - The Psychology of Compliance
  • Chapter 12 - Conclusion: Changing the Approach to Security

