Enhancing Cybersecurity Resilience: A Comprehensive Analysis of Human Factors and Security Practices Aligned with the NIST Cybersecurity Framework

Conference proceedings article


Publication Details

Author list: Rohani Rohan, Borworn Papasratorn, Wichian Chutimaskul, Jari Hautamäki, Suree Funilkul, Debajyoti Pal

Publication year: 2023

URL: https://dl.acm.org/doi/10.1145/3628454.3629472




Abstract

Although effective technical countermeasures play a pivotal role in safeguarding organizations’ digital assets, the persistent challenge of human factors in cybersecurity cannot be underestimated. This study aims to identify the human factors employed within the cybersecurity research community and the relevant human-centric security practices. These human factors and security practices are subsequently mapped to the functions, categories, and sub-categories of the NIST Cybersecurity Framework (NIST-CSF). The methodology for this research comprises a literature review and qualitative mapping techniques. The findings show the identification of 20 distinct human factors and 12 security practices. Additionally, the mapping reveals that 3 of the NIST-CSF functions, 8 categories, and 19 sub-categories are directly related to human aspects of cybersecurity. By aligning human factors and security practices with established NIST-CSF guidelines, organizations can strengthen their overall security posture. Moreover, it helps identify gaps in cybersecurity related to human factors to address vulnerabilities and mitigate risks associated with human errors, reducing the likelihood of security incidents and data breaches. Ultimately, this study provides valuable insights, presents conclusions, and suggests directions for future work.




Last updated on 2024-14-02 at 23:05