Psychological Profiling for Enhancing Cybersecurity Training Effectiveness in Educational Institutions

It is well accepted that human factors impact almost every aspect of cybersecurity. Users often tend to act by clicking links in phishing emails without considering the possible consequences. Cyber attackers are influenced by psychological factors such as motivation, social identity, and group dynamics. Moreover, various psychological factors like cognitive load, mental health, trust, and interpersonal relationships also facilitate insider threats, intentionally or unintentionally. Incorporating psychological approaches to cybersecurity education can empower practitioners to address myriad security challenges more effectively. Creating these enhancements is problematic because applying psychology involves many theories and methods, most of which would not be useful in cybersecurity. It is important to sift through psychological literature for concepts that can be applied to cybersecurity. In addition, differences in approaches to teaching psychology compared to cybersecurity and the predominant psychological characteristics of students attracted to both subjects also exist. Addressing these differences is important for motivating and engaging cybersecurity learners. This paper addresses these concerns and provides reflections on the results of interdisciplinary collaboration in teaching psychology to students, professionals, and industry clients in cybersecurity.