Human Factors in the LastPass Breach
Niroop Sugunaraj

TL;DR
This paper analyzes the LastPass breach, emphasizing the importance of human factors in cybersecurity and advocating the integration of human-centric strategies to improve resilience against complex cyber threats.
Contribution
It introduces a comprehensive framework that incorporates human behavioral considerations into cybersecurity measures, highlighting their role in breach mitigation.
Findings
Addressing human biases can reduce risky behaviors
Balancing technical and human factors enhances cyber resilience
Simplified user interactions improve security awareness
Abstract
This paper examines the complex nature of cyber attacks through an analysis of the LastPass breach. It argues for the integration of human-centric considerations into cybersecurity measures, focusing on mitigating factors such as goal-directed behavior, cognitive overload, human biases (e.g., optimism, anchoring), and risky behaviors. Findings from an analysis of this breach offer support to the perspective that addressing both the human and technical dimensions of cyber defense can significantly enhance the resilience of cyber systems against complex threats. This means that maintaining a balanced approach while simultaneously simplifying user interactions, making users aware of biases, and discouraging risky practices is essential for preventing cyber incidents.
Taxonomy
Topics: Quality and Safety in Healthcare
