Mason Phillips
School of Cybersecurity, Old Dominion University
CYSE 201S: Cybersecurity and the Social Sciences
Professor Yalpi
February 26th, 2026
BLUF
BLUF: The big five personality traits: Openness, conscientiousness, extraversion, agreeableness, and neuroticism, play a major role in the attitudes of people in the case of cybersecurity behavior. This finding is found through quantitative research but is not purely technological and can be explained through the seven principles of social sciences.
Relation to the Seven Principles of Social Science
Human behavior and its correlation to cybersecurity have been a subject in a lot of cybersecurity research in recency since human error is one of the biggest faults in the cybersecurity industry and other related fields. One of the principles that the article best relates cybersecurity to is the principle of relativism. In the case of the social sciences, relativism refers to the idea that all things are related to each other in some manner or in some possible connection. In this article, it shows the connection between the big five personality traits: openness, conscientiousness, extraversion, agreeableness, and neuroticism (OCEAN for short), and the cybersecurity behavior of people. One of the things that it shows is that the different personality traits may think about and treat cybersecurity in different ways. For instance, somebody with an agreeable personality may be quick to agree and comply with cybersecurity policies and protections, while somebody who has an extroverted personality is “more likely to engage in more frequent online activities, hence being more vulnerable to attack” (Ghaleb, Sattarov, 2025). Another principle that this article can be related to is the principle of empiricism. Empiricism in the sense of the social sciences correlates to the idea that the only evidence that is tangible for use is evidence that can be observed whether it be by sight, hearing, or feeling. The evidence in the article is recorded from 259 employees, and the Confirmatory Factor Analysis (CFA) verified the validity of the evidence and the results. The third principle that it can be related to is skepticism. The research only took place because the researchers were skeptic about how the personality traits actually affected cybersecurity behaviors.
Experiment Details
The article doesn’t have a direct question, but has more of a theoretical model that it researches, with the model showing “individual behavior towards a perceived risk depends on two primary appraisals: threat appraisal (perceived severity and vulnerability) and coping appraisal (response efficacy and self-efficacy)… Personality traits influence these appraisals by conditioning the way individuals assess risk and choose behavioral responses.” (Ghaleb, Sattarov, 2025). In this article, the independent variable (IV) and the dependent variable (DV) are clearly defined. The DV, or what is being measured, is the attitude employees have towards cybersecurity compliance, and the IV is the five personality traits, with each one changing the attitude towards cybersecurity compliance.
Research Methodology and Data Analysis
The article uses quantitative research to measure the “impact of Big Five personality traits on cybersecurity behavior and attitudes towards compliance, with cybersecurity behavior as a mediator and perceived security risk as a moderator.” (Ghaleb, Sattarov, 2025). The data was collected through a survey method, in which the 259 workers were purposively selected so they would be exposed to elements from their regular work environment. For analyzing the data, they used Structural Equation modeling (SEM) with STATA software due to it having “excellent capabilities for dealing with intricate model structures, multiple paths of mediation and moderation, and latent constructs.” (Ghaleb, Sattarov, 2025). After this, a Confirmatory Factor Analysis was used to validate and check the reliability of the results.
Other Concept Connections
The first concept the article connects to other than the seven principles is OCEAN, or the five big personality traits. The entire article and its research are completely related to these five traits and how they can affect cybersecurity. The second type of connection is the connection between the article and the concept of quantitative research. Quantitative research was the basis for the data gathering in the article along with the results.
Concerns of Marginalized Groups
One concern that can be brought up about marginalized groups in this study is that there is a possibility that not all employees have had the same training and have the same amount of digital literacy as other employees in the test, putting these groups at a disadvantage. Another concern that can be raised in the article is that not all employees are identical and the study can fail to identify the psychological differences in employees when they are grouped in only five personality traits.
Conclusion
To conclude, the study contributes to society by proving that personality traits do in fact affect cybersecurity behaviors in relation to cybersecurity policies and compliance. The study also contributes by promoting stronger security and policy compliance within organizations.
Reference
Ghaleb, M. M. S., & Sattarov , A. (2025, June). International Journal of Cyber Criminology Vol 19 issue 1 January – June 2025. https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/download/438/124/878