Perceived Security Risks and Cybersecurity Compliance Attitude

Student Name: Raegan Adgerson
School of Cybersecurity, Old Dominion University
CYSE 201S: Cybersecurity and Social Sciences
Professor Diwakar Yalpi
Date: April 16, 2026

BLUF: This article claims that one of the biggest problems in cybersecurity is the human factor. The article states that human behavior is the weakest link in cybersecurity, and as cyber- attacks exploit user vulnerabilities. The problem is becoming even bigger. This document will review the article and understand the importance of knowing how personality can affect cybersecurity.

Relation/Connection to Social Science Principles

The article that I am referring to relates to the idea of empiricism. Empiricism is the concept that scientists can only study behavior that is real to the senses. The document mentions the big five as personality traits and uses them as points of study. It uses these five personality traits to define employees who are most likely to be vulnerable. The paper also discusses how certain traits like “agreeableness” are more likely to follow cybersecurity recommendations (F. Naga et al., 2024).

The document could also be connected to objectivity. Objectivity refers to the way scientists study topics. It is usually in a value-free manner, as the point of it is to advance knowledge and not to push a point of view. The article discusses the topic of the big five of personality in a laissez-faire attitude. The personality traits are not made to offend, but rather to explain a phenomenon that has become a problem.

Research Question /Hypothesis/ Independent Variable/Dependent Variable

The research question is why humans are the weakest link in cybersecurity, and what we can learn about the people who are more vulnerable to user-based cyber-attacks. The author hypothesizes that the problem may be personality traits in people. The independent variable is people’s personalities. The dependent variable is cyber hygiene, the steps people should take to be safe.

Types of Research Methods used

The research method, I believe, used in this article is quantitative; they pull a lot of case studies and surveys from other articles. The author had a target population that the studies pulled from. This population came from several different organizations. The author ensured that all the data he pulled was accurate and reliable.

Types of Data Analysis used

The author collected data through structural equation modeling, also known as SEM. They also used STATA software to analyze the direct and indirect associations between personality traits and cybersecurity behavior. The sample size was 259 workers at different organizations and programs. This sort of anonymity makes the study itself more reliable.

Connections to other Course Concepts

This study reinforces our discussion on the Big Five and its effects on workers. This article specifically highlights how a person with neuroticism is less likely to partake in the appropriate cyber hygiene compared to someone with the trait of openness. Although this was not discussed in the article, our lecture covered cognitive theories like psychodynamic theory and behavioral theory. I believe that these theories could heavily relate to the topic the article is covering.

Connections to the Concerns or Contributions of Marginalized Groups

The concerns that the article does not mention that I noticed are the fact that the Big Five of personality is a Western thought process. Countries that may have different perceptions of certain personality traits may not agree with the article. Neurodivergent people also exist, and the Big Five of personality traits is very broad, and people who have neurodivergent traits may be labeled incorrectly.

Overall societal contributions of the study/Conclusion

In conclusion, the research provided by this article is an important contribution because it integrates cybersecurity and the social sciences. It does this by integrating psychological and behavioral frameworks and applying them to cybersecurity. It brings awareness to certain personality types and will overall make cybersecurity a safer field.