Information and Cyber Security
Information and cyber security research examines how organizations protect their data, systems, and people from both external attacks and internal failures—treating security not just as a technical problem but as a behavioral and institutional one. A central concern is understanding why employees comply with, or deviate from, security policies, and how factors like fear, rational self-interest, organizational culture, and management pressure shape those decisions. Researchers also model adversarial dynamics using tools from game theory and attack graphs to anticipate how threats evolve and how defenses can be allocated under uncertainty. Open questions include how to design interventions that shift security behavior durably rather than temporarily, and how insider threat risk can be measured and mitigated without eroding the trust that organizations depend on to function.
- Works
- 98,275
- Total citations
- 531,970
- Keywords
- Information SecurityPolicy ComplianceSecurity AwarenessDeterrenceAttack GraphsRisk Management
Top papers in Information and Cyber Security
Ordered by total citation count.
- Role-based access control models↗ 5,813
- An Intrusion-Detection Model↗ 3,356
- Validating Instruments in MIS Research1↗ 2,530
- Proceedings of the 11th USENIX Security Symposium↗ 2,514
- Usenix Security Symposium↗ 1,990
- Security Engineering: A Guide to Building Dependable Distributed Systems↗ 1,838
- Stuxnet: Dissecting a Cyberwarfare Weapon↗ 1,836
- Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness1↗ 1,832
- Telling Lies: Clues to Deceit in the Marketplace, Politics, and Marriage↗ 1,743
- USENIX Security Symposium↗ 1,519
- Analytic hierarchy process↗ 1,360
- Risk management guide for information technology systems :↗ 1,357OA
Active researchers
Top authors in this area, ranked by h-index.