

Understanding the Root Cause of Cybersecurity Incidents Through DuPont’s Dirty Dozen Framework


Allen, Anak Peter Diman and T.K.A, Rahman (2024) Understanding the Root Cause of Cybersecurity Incidents Through DuPont’s Dirty Dozen Framework. International Journal of Business and Technology Management, 6 (3). pp. 226-241.


Abstract

Cybersecurity incidents, such as data breaches, pose a significant threat to organisations. Shockingly, 95% of these incidents occur due to human errors. Despite organisations making substantial efforts to reduce the likelihood of such occurrences through technological and non-technological means, the frequency of these incidents has been increasing. Previously, organisations relied on technology as the primary barrier to minimise cybersecurity incidents and achieve their objectives. Although research indicates that humans are the weakest link in an organisation's efforts to combat cybersecurity incidents, organisations still consider technology as the key to improving security defences. Therefore, the researchers suggest that improving human interventions should precede technological means to overcome the problem. They propose that existing information security plans should consider human factors in cybersecurity risk management. Prioritising an understanding of human factors in managing information security can help organisations identify the relationships between various dimensions of human errors and cybersecurity incidents. To achieve this, the paper suggests solving the human factor problem in cybersecurity incidents by explaining how DuPont's Dirty Dozen framework, commonly used in aviation, can help understand why cybersecurity incidents and accidents occur. The framework lists twelve human behaviours that can be used to understand the relationships between various dimensions of human errors and cybersecurity incidents. By understanding these relationships, organisations can improve their cybersecur

Item Type: Journal
Uncontrolled Keywords: Cybersecurity, Cybersecurity Incidents, Dirty Dozen, Human Errors, Human Factors
Divisions: School of Graduate Studies
Depositing User: Muhamad Aizat Nazmi Mohd Nor Hamin
Date Deposited: 06 May 2025 03:17
Last Modified: 06 May 2025 03:17
URI: http://ur.aeu.edu.my/id/eprint/1339
