The Cyberpsychology of Small and Medium-Sized Enterprises Cybersecurity: A Human-Centric Approach to Policy Development  

作　　者：Troy C. Troublefield Troy C. Troublefield(Fit Nerd Technology Consultants, Brandon, Florida, USA)

机构地区：[1]Fit Nerd Technology Consultants, Brandon, Florida, USA

出　　处：《Journal of Information Security》2025年第1期158-183,共26页信息安全(英文)

摘　　要：This study investigates the critical intersection of cyberpsychology and cybersecurity policy development in small and medium-sized enterprises (SMEs). Through a mixed-methods approach incorporating surveys of 523 employees across 78 SMEs, qualitative interviews, and case studies, the research examines how psychological factors influence cybersecurity behaviors and policy effectiveness. Key findings reveal significant correlations between psychological factors and security outcomes, including the relationship between self-efficacy and policy compliance (r = 0.42, p β = 0.37, p < 0.001). The study identifies critical challenges in risk perception, policy complexity, and organizational culture affecting SME cybersecurity implementation. Results demonstrate that successful cybersecurity initiatives require the integration of psychological principles with technical solutions. The research provides a framework for developing human-centric security policies that address both behavioral and technical aspects of cybersecurity in resource-constrained environments.This study investigates the critical intersection of cyberpsychology and cybersecurity policy development in small and medium-sized enterprises (SMEs). Through a mixed-methods approach incorporating surveys of 523 employees across 78 SMEs, qualitative interviews, and case studies, the research examines how psychological factors influence cybersecurity behaviors and policy effectiveness. Key findings reveal significant correlations between psychological factors and security outcomes, including the relationship between self-efficacy and policy compliance (r = 0.42, p β = 0.37, p < 0.001). The study identifies critical challenges in risk perception, policy complexity, and organizational culture affecting SME cybersecurity implementation. Results demonstrate that successful cybersecurity initiatives require the integration of psychological principles with technical solutions. The research provides a framework for developing human-centric security policies that address both behavioral and technical aspects of cybersecurity in resource-constrained environments.

关 键 词：Cyberpsychology CYBERSECURITY SMES Policy Development Human Factors Risk Perception Compliance Behavior Organizational Culture Psychological Resilience Security Awareness 

分 类 号：TP3[自动化与计算机技术—计算机科学与技术]