1st Edition
The Psychology of Cybersecurity Hacking and the Human Mind
Foreword
Part 1: Enter the world of cybercrime
Chapter 1: Most cybercriminals are made, not born
Chapter 2: Hackers: the good, the bad, and the ugly
Hacktivism
Once a hacker, always a hacker?
Notorious hackers
Interviews with real-life cybercriminals
Chapter 3: How an attack is devised
Selecting targets
Skills that make attacks succeed
Social engineering attacks: hacking people’s minds
Ransomware attacks
Exploiting misconfigurations
Chapter 4: Special cases
Insider threats
The impact of insider threats
Whistleblowers
Third party and supply chain risks
Impact of cyber-attacks on trust
Part 2: Inside the line of defence
Chapter 5: Operational cybersecurity context
Pressures of the job
Cybersecurity needs diversity
Why work in cybersecurity
Chapter 6: Human fallacies and how to overcome them
Biases affecting threat analysis
Biases affecting risk management
Chapter 7: Operational resilience
People
Processes
Technology
Business continuity
Chapter 8: Organisational psychology
Chapter 9: Improving organisational cybersecurity
Good governance
Better training and education
Security by design
Organisational cybersecurity culture
Cybersecurity champions
Nudge programs
Situational crime prevention
Part 3: The target´s perspective
Chapter 10: Psychology applied in cybersecurity
Opening the black box
Brains: natural prediction machines
Chapter 11: How we take the bait
Technical people have human brains too
Know yourself to protect yourself
Part 4: The Psychology of a Chief Information Security Officer (CISO)
Chapter 12: Responsibilities of a CISO
The SECCRRT to effective CISOs
Leading the psychology and cybersecurity integration
Shaping the organisation´s psychological security posture
Getting security buy-in across the board
Chapter 13: Psychological toll on CISOs
Managing risk
Managing the executive team
Overcoming stress and building resilience
Chapter 14: Concluding remarks
Glossary
Biography
Tarnveer Singh is an award‑winning Chief Information Security Officer with decades of security experience across a wide range of sectors. He is Director (Security and Compliance) at Cyber Wisdom Ltd, an Information Security and Compliance Consultancy, helping clients to address security threats affecting their business. He is also a Fellow of the Chartered Institute of Information Security and a Chartered IT Professional with the British Computer Society.
Sarah Y. Zheng, PhD, is a neuropsychologist investigating emerging crime and security risks from technological advances. Through her research, she helps organisations become more resilient to phishing attacks and improve people’s awareness of new (cyber)security threats. Before returning to academia, she developed AI applications and worked in data science for financial, retail, and government institutes. With her unique understanding of both people and technology, her mission is to protect the human element in technology.
