Future directions for behavioral information security research

Abstract

Information Security (InfoSec) research is far reaching and includes many approaches todeal with protecting and mitigating threats to the information assets and technicalresources available within computer based systems. Although a predominant weakness inproperly securing information assets is the individual user within an organization, much ofthe focus of extant security research is on technical issues. The purpose of this paper is tohighlight future directions for Behavioral InfoSec research, which is a newer, growing areaof research. The ensuing paper presents information about challenges currently faced andfuture directions that Behavioral InfoSec researchers should explore. These areas includeseparating insider deviant behavior from insider misbehavior, approaches to understandinghackers, improving information security compliance, cross-cultural Behavioral InfoSecresearch, and data collection and measurement issues in Behavioral InfoSec research.