The concept of “cyber resilience,” which has to do with an organization’s capacity to contain the
impacts of cyberattacks and quickly recover, is examined in the article Development of a new
‘human cyber-resilience scale. There has been a significant lack of research on cyber resilience
for individual users in non-work or household contexts, even though research on cyber resilience
in corporate settings has been extensively studied. The current research focuses on creating
cyber-resilience frameworks (CRFs) for enterprises, which place an emphasis on elements that
assist firms in fending against cyberattacks and recovering quickly. Individuals and households
outside of the workplace also suffer considerable losses because of cyberattacks, with home
surroundings increasingly being the target of cybercrime. This article highlights the importance
of comprehending “human cyber resilience,” which it refers to as variables that help people and
families deal with and recover from unfavorable cyber incidents. The research uses the well-
established psychological resilience literature to build a self-report measure of household cyber
resilience. It lists several elements including adaptation, mastery, self-efficacy, positivism,
perseverance, active coping, social support, and a structured environment that may support
human cyber resilience.
In the article, a multi-step methodology for developing a scale to evaluate human cyber
resilience is described. This methodology includes exploratory and confirmatory factor analysis
as well as alignment with additional important measures. It tries determining whether the same
resilience elements that are relevant in other circumstances also apply to the specific context of
cybersecurity incidents. The article discusses creating a scale to gauge people’s cyber resilience.
A total of 51 candidate items from various general resilience scales, including The Resilience
Scale, The Resilience Scale for Adults, the Connor-Davidson Resilience Scale, The Resilience in
Midlife Scale, and The Brief Resilience Coping Scale, were adapted to create the initial set of 51
candidate items for this scale. To assess resilience in the context of online cybersecurity risks or
challenges, such as hacking or phishing, these items were then reworded. These 51 candidate
components made up the scale’s initial variation. The article discusses a series of 5 studies aimed
at developing a measurement scale to assess human cyber resilience. The studies employed a
consistent statistical approach with some variations. Here’s a summary of the key points in these
studies: Principal Axis Factoring (PAF) was utilized in the original investigation (Study 1)
because there were questions regarding the distribution of the data and the extraction of the
factors. Self-reliance and training, protective routines and knowledge, flexibility and positive
thinking, and social support were the four main characteristics revealed in Study 1. To allow for
a more comprehensive interpretation of the dimensions, some elements with low communalities
were kept. Study 2 sought to balance the item mix and more accurately represent the noted
factors. The old items were expanded upon, and new ones created. For the four subscales of self-
reliance, social support, defensive routines and knowledge, and adaptation and optimistic
thinking, a total of 26 items were developed. Self-efficacy was verified as the main component in
Study 2, whereas social support was the secondary element. The third component suggested
powerlessness in the face of danger, while the fourth factor had to do with learning and
development. The new subscales, which each had four items, were examined in Study 3. To
investigate communalities and loadings, an exploratory factor analysis was performed. Study 4
used AMOS to conduct a confirmatory factor analysis, which supported the creation of four
subscales: learning and growth, helplessness, self-efficacy, and social support. Poor resilience is
indicated by high powerlessness scores. By correlating the cyber-resilience subscales with
measures of general resilience, computer self-efficacy, cybersecurity behavior, and stress
brought on by cybersecurity victimization, the final study sought to compare cyber-resilience
scores across nations. It also examined convergent and discriminant validity. In conclusion, the
study’s results show that the human cyber-resilience scale and its subscales are concurrently
valid. The relationships between human cyber resilience and SeBIS, general resilience, and
computer self-efficacy imply that this concept is unique and important in the field of
cybersecurity research.
The article on human cyber-resilience primarily focuses on the development of a
measurement scale to assess individuals’ ability to adapt to and recover from cybersecurity
threats. While the main emphasis is on the development and validation of the scale, there are
several ways to relate it to the challenges and concerns of marginalized groups in the context of
cybersecurity. The digital gap, which includes marginalized individuals” limited access to
technology and the internet, is one of the major issues that these groups must contend with. Due
to their lack of exposure to online safety measures, these groups may be more prone to
cybersecurity dangers because of the digital gap. The worry in this situation is that they could not
be aware of the possible threats, safety precautions, and cyber-resilience methods. Due to their
experiences with prejudice in the past and present, marginalized groups may be more concerned
about privacy and data protection. Although the article doesn’t precisely address these worries, it
provides knowledge about how people might more effectively safeguard their data and privacy.
The article brings many concepts from class and relates to social science
principles together. The article uses survey methods, which are a common approach in social
science research. Surveys are used to collect data on individuals’ attitudes, beliefs, and behaviors.
In this case, the survey assesses participants’ cyber-resilience by collecting responses related to
their experiences with cybersecurity threats, aligning with principles of survey research in social
science. Another concept from class that is presented in the article is the value of an
interdisciplinary approach. It bridges social science (psychology) and computer science
(cybersecurity) to address complex societal issues. This interdisciplinary perspective is a
fundamental principle in social science research, as it recognizes the need to combine insights
from multiple disciplines to understand and solve real-world problems. The article also focuses
on individual behavior and attitudes in the context of cybersecurity. This can relate to how the
human factor can contribute to cybersecurity.
The analysis of human cyber-resilience and the development of a matching assessment scale
have made several important contributions to society. The study contributes to a better
understanding of people’s ability to deal with and recover from cybersecurity threats by
examining and quantifying human cyber-resilience. In an increasingly digital environment, this
research raises awareness of the value of individual cybersecurity readiness and resilience. The
study offers a technique for evaluating a person’s cyber-resilience that can be used to pinpoint
areas where people’s cybersecurity practices might need to be improved. The development of
policies and activities aiming at enhancing cybersecurity at both the individual and societal
levels can be guided by research on human cyber-resilience.
Article Reference
Adam N Joinson, Matt Dixon, Lynne Coventry, Pam Briggs, Development of a new ‘human
cyber-resilience scale’, Journal of Cybersecurity, Volume 9, Issue 1, 2023, tyad007,
https://doi.org/10.1093/cybsec/tyad007