A Review of Human Vulnerabilities in Cyber Security: Challenges and Solutions for Microfinance Institutions  

作　　者：Evaline Waweru Simon Maina Karume Alex Kibet Evaline Waweru;Simon Maina Karume;Alex Kibet(Department of Computing and Informatics, The Cooperative University, Nairobi, Kenya;Department of Computer Science and Information Technology, Kabarak University, Nakuru, Kenya;Department of Computing and Informatics, Laikipia University, Laikipia, Kenya)

机构地区：[1]Department of Computing and Informatics, The Cooperative University, Nairobi, Kenya [2]Department of Computer Science and Information Technology, Kabarak University, Nakuru, Kenya [3]Department of Computing and Informatics, Laikipia University, Laikipia, Kenya

出　　处：《Journal of Information Security》2025年第1期114-130,共17页信息安全(英文)

摘　　要：This review examines human vulnerabilities in cybersecurity within Microfinance Institutions, analyzing their impact on organizational resilience. Focusing on social engineering, inadequate security training, and weak internal protocols, the study identifies key vulnerabilities exacerbating cyber threats to MFIs. A literature review using databases like IEEE Xplore and Google Scholar focused on studies from 2019 to 2023 addressing human factors in cybersecurity specific to MFIs. Analysis of 57 studies reveals that phishing and insider threats are predominant, with a 20% annual increase in phishing attempts. Employee susceptibility to these attacks is heightened by insufficient training, with entry-level employees showing the highest vulnerability rates. Further, only 35% of MFIs offer regular cybersecurity training, significantly impacting incident reduction. This paper recommends enhanced training frequency, robust internal controls, and a cybersecurity-aware culture to mitigate human-induced cyber risks in MFIs.This review examines human vulnerabilities in cybersecurity within Microfinance Institutions, analyzing their impact on organizational resilience. Focusing on social engineering, inadequate security training, and weak internal protocols, the study identifies key vulnerabilities exacerbating cyber threats to MFIs. A literature review using databases like IEEE Xplore and Google Scholar focused on studies from 2019 to 2023 addressing human factors in cybersecurity specific to MFIs. Analysis of 57 studies reveals that phishing and insider threats are predominant, with a 20% annual increase in phishing attempts. Employee susceptibility to these attacks is heightened by insufficient training, with entry-level employees showing the highest vulnerability rates. Further, only 35% of MFIs offer regular cybersecurity training, significantly impacting incident reduction. This paper recommends enhanced training frequency, robust internal controls, and a cybersecurity-aware culture to mitigate human-induced cyber risks in MFIs.

关 键 词：Human Vulnerabilities CYBERSECURITY Microfinance Institutions Cyber Threats Cybersecurity Awareness Risk Mitigation 

分 类 号：TP3[自动化与计算机技术—计算机科学与技术]