Behavioral Insights in Cybersecurity: A Guide to Digital Human Factors: Security, Audit and Leadership Series
Author: Dustin S. Sachs. Language: English. Paperback – 29 Sep 2025
Through real‑world examples and practical strategies, the book examines how cognitive biases, decision fatigue, stress, and cultural dynamics influence security performance. Leaders will learn to recognize and mitigate biases like availability and confirmation bias, implement structured decision‑making processes, and foster cultures that prioritize security without sacrificing usability or autonomy.
This book introduces the “Technology Strategy Needs Pyramid,” a human‑centric model that moves beyond compliance to build mature, resilient, and ethically grounded cybersecurity ecosystems. From designing intuitive interfaces and leveraging behavioral analytics to implementing AI‑driven adaptive defenses and ethical nudging, Dr. Sachs equips readers with actionable tools to align human tendencies with security goals.
Whether addressing insider threats, social engineering, or the limitations of legacy awareness training, Behavioral Insights in Cybersecurity advocates for a holistic approach that integrates technology, behavior, and culture. It is a must‑read for cybersecurity leaders seeking to create sustainable, secure environments where people are not the weakest link—but the strongest asset.
This book is not just a guide—it’s a call to reimagine cybersecurity leadership through the lens of human behavior, ethics, and strategic decision‑making.
Price: 408.70 lei
Price: 402.09 lei
Specifications
ISBN-13: 9781032998534
ISBN-10: 1032998539
Pages: 234
Illustrations: 36
Dimensions: 156 x 234 x 13 mm
Weight: 0.43 kg
Edition: 1
Publisher: CRC Press
Collection: CRC Press
Series: Security, Audit and Leadership Series
Target audience
Professional Practice & Development, Professional Reference, and Professional Training
Contents
Chapter 1: Introduction to Behavioral Science and Cybersecurity
Chapter 2: Foundations of Behavioral Science
Chapter 3: Human Factors in Cybersecurity
Chapter 4: Impacts on Organizational Culture
Chapter 5: Technology Strategy Needs Pyramid
Chapter 6: Decision Hygiene in Cybersecurity
Chapter 7: Applying AI and Emerging Tech to Behavioral Insights
Chapter 8: Ethical Considerations and Privacy
Chapter 9: Future Directions in Behavioral Cybersecurity
Chapter 10: Summary
Biographical note
Dr. Dustin S. Sachs, DCS, CISSP, CCISO, is a leading voice at the intersection of cybersecurity and behavioral science. With over two decades of experience securing critical infrastructure and advising global enterprises, Dr. Sachs brings a unique blend of technical expertise and psychological insight to the evolving challenges of digital security. He currently serves as Chief Technologist and Senior Director of Programs at CyberRisk Alliance, where he spearheads strategic initiatives that empower cybersecurity professionals through community‑driven learning and innovation.
An award‑winning cybersecurity practitioner, academic, and thought leader, Dr. Sachs holds a Doctorate in Computer Science with a specialization in Cybersecurity and Information Assurance. His research explores decision‑making in cyber supply chain risk and the psychological drivers behind organizational security behavior. He has served in key roles at Fortune 500 companies, led high‑impact third‑party risk programs, and taught graduate‑level cybersecurity courses, all while contributing to national cybersecurity discourse through leadership roles in ISC², Information System Audit and Controls Association (ISACA), and Federal Bureau of Investigation (FBI) InfraGard.
Dr. Sachs is passionate about demystifying human error and transforming it into strategic advantage. His work challenges traditional, compliance‑heavy security models, advocating instead for human‑centric approaches that foster resilience, accountability, and adaptive security cultures. Whether designing frameworks, advising Chief Information Security Officers (CISOs), or mentoring the next generation of cybersecurity professionals, his mission is clear: to make cybersecurity not only stronger but smarter.
When he’s not exploring the psychology of digital risk, Dr. Sachs is a devoted husband and father, endlessly inspired by curiosity, connection, and the pursuit of lifelong learning.
Reviews
Behavioral Insights in Cybersecurity: A Guide to Digital Human Factors by Dustin S. Sachs takes on one of the most persistent—and often misunderstood—challenges in cybersecurity: the role of human behavior. Rather than portraying users as the weakest link or reducing breaches to individual mistakes, Sachs makes a compelling, evidence-based case that human behavior is inseparable from effective security strategy. The book is firmly grounded in behavioral science and informed by real-world experience, making it especially relevant for leaders who recognize that technical controls alone cannot keep pace with today’s evolving threat landscape.
One of the book’s most valuable contributions is its emphasis on cybersecurity as a cultural and decision-making issue, not merely a technical one. Sachs clearly illustrates how cognitive biases, decision fatigue, stress, and organizational pressures shape security outcomes in ways that are often predictable—and avoidable. His discussion of bounded rationality, cognitive overload, and what he calls “decision hygiene” will feel familiar to practitioners who have watched well-intentioned policies fail simply because they did not align with how people actually think and work. The Technology Strategy Needs Pyramid stands out as a practical and thoughtful framework that helps organizations move beyond checkbox compliance toward resilience and ethically grounded security design.
The writing is approachable without being simplistic. Sachs draws effectively from psychology, neuroscience, and organizational behavior, yet he avoids drifting into theory for its own sake. Instead, he consistently anchors these concepts in practical examples drawn from SOC operations, leadership environments, and enterprise security programs. His treatment of issues such as alert fatigue, security awareness training, and leadership behavior reflects a clear understanding of day-to-day operational realities. Throughout the book, one message is clear: for cybersecurity professionals, understanding and influencing behavior is just as important as deploying firewalls or encryption protocols.
Overall, Behavioral Insights in Cybersecurity is a mandatory read for today’s cybersecurity leaders and practitioners. It challenges long-standing assumptions about users and places responsibility where it belongs—on leadership, design, and culture. This book is a valuable resource for CISOs, CIOs, risk leaders, educators, and graduate students who want to integrate behavioral science into cybersecurity strategy in a practical, sustainable way.
Dr. Tim Godlove
The title tells the story.
Sachs joins a growing and important cadre of deeply experienced cybersecurity experts with his clarion call for a cultural shift across the cybersecurity landscape. He argues that while technical expertise is a given, organizations must also recognize and mitigate the behaviors—human factors—that underpin close to 95 percent of cyber incidents. To make his case, Sachs melds his unique expertise in both behavioral science and cybersecurity to demonstrate the nexus between the two worlds. Breaking down the stovepipes that separate them and integrating them into a coherent sustainable program means recognizing and mitigating the mental errors rooted in deeply seated cognitive biases that drive the behaviors.
These mental errors are not deliberate, but hardwired into how our brains, consciously or not, process information. For purely technical experts the behavioral science that drives the analysis may raise questions about its necessity—why not just accept they exist and move on—but it’s not that easy. Sachs is asking technically savvy managers to rethink how they do business end to end, and I would argue that reading is believing and skipping or skimming over the science will leave recalcitrant readers unconvinced and the stovepipes intact.
Sachs’s analysis is rooted in two important strengths.
A deep understanding of cognitive bias. Sachs draws on multiple well-known sources to outline the most commonly understood cognitive biases that more often than not lead to poor outcomes and place a cybersecurity framework to explain their impact. Sachs raises the biases early on and then again throughout the book in differing contexts as he explains how to mitigate them as managers gradually reset their team.
…and a well-tuned understanding of how to counter them. As he presses for cultural transformation, Sachs introduces a wide range of often well-known management tools and models he has used to effect change, including, for example, the work of John Kotter and Daniel Kahneman.
Sachs’s path is well structured. After Sachs details his social science orientation in the introduction and first two chapters, he begins in Chapter Three to integrate the impact of human factors—behaviors—on the performance of cybersecurity teams that foreshadows later chapters. Here, for example, he first raises insider threats and social engineering.
Chapters 4 through 6 are the heart of Sachs’s analysis. He diagnoses applicable cognitive biases and makes detailed programmatic suggestions to mitigate them. Each chapter calls for rethinking a different dimension of their cyber programs and he includes road maps for implementation, lists to go by, and goals and short case studies to illustrate his points.
• Chapter 4 emphasizes the importance of developing an organizational culture built around an agreed-upon understanding of their organization’s vision, mission and values. I appreciated his reference to John Kotter’s seminal work on managing and leading change initiatives and the National Institute of Standards and Technology model that emphasizes a disciplined approach to governance and risk management.
• Chapter 5 provides a more structured approach to balancing human factors and technology. Central to Sachs’s analysis is how he adapts Maslow’s well-practiced Hierarchy of Needs to what he labels a Technology Needs Strategy Pyramid that illustrates progression toward building a shared operating environment. Skipping foundational layers—"rushing to the shiny objects"—leads to failed transformation initiatives.
• Chapter 6 is entitled “Decision Hygiene,” a term less commonly used to describe how to minimize the impact of cognitive biases on decision making. Again, he reviews common biases and cites multiple mental models to “wash decisions.” Case studies again help make his points.
• Chapters 7 through 9, respectively, look at managing the broad impact of AI on cyber security, balancing cyber security and privacy, and a look ahead.
Each chapter begins with a set of objectives and ends with a summary and bibliography. A final summary at the end of the book serves as one last clearly written reminder.
Jay Grusin, PhD
Description
Behavioral Insights in Cybersecurity: A Guide to Digital Human Factors by Dr. Dustin S. Sachs is a timely and essential resource for cybersecurity professionals, leaders, and organizational strategists seeking to understand the powerful role of human behavior in shaping digital security outcomes.