Abstract Organisations face increasingly complex cyber threats, prompting a shift from purely technical defences to holistic strategies that integrate human behaviour, organisational culture and psychological theory. This paper critically evaluates the role of human factors in cybersecurity, drawing on a systematic review of standards and frameworks, including NIST and ISO/IEC 27000 and recent literature on autonomous systems and behavioural science. While automation offers scalable defence,...

Security Risk Management Approach   The  Risk Management Standard produced by the Institute of Risk Management (2002) states that risk can be “defined as the combination of the probability of an event and its consequences”. In a similar description, risk has been described in BS ISO 31000: 2018, 3.1 as the “effect of uncertainty on objectives”, with Sutton (2014) emphasising its importance in considering the confidentiality, integrity and availability of business information and information...

In an era defined by compounding crises, pandemics, climate disruption, geopolitical instability, and economic volatility, the concept of...