Cybersecurity, Privacy, and Trust

Status: emerging
Last updated: 2026-05-31
Sources: 9781119636113.Ch43.Pdf
Tags: [cybersecurity, privacy, trust, social-engineering, usable-security, human-factors-of-security, hci]

Summary

Cybersecurity is the protection of computers, networks, programs, and data from unintended or unauthorised access, change, or destruction, and the chapter examines it from a human-factors perspective alongside privacy and trust (Moallem, 2021). It treats trust in human-computer interaction as a long-studied construct extending social-psychological trust to computers and online systems. A central theme is that humans are often the weakest link, with social engineering and phishing exploiting people rather than technical defences.

Body

Context

Moallem (2021), in his handbook chapter on cybersecurity, privacy, and trust, examines security from a human-factors perspective. He defines cybersecurity as protecting computers, networks, programs, and data from unintended or unauthorised access, change, or destruction, and treats trust in human-computer interaction as a long-studied construct extending social-psychological trust to computers and online systems. Within this knowledge base the article is the usable-security strand of human-centered design: it shares the trust-calibration problem of Human Centered Design Of Ai, depends on the interface-quality concerns of Usability And User Experience and Website Design And Evaluation, and frames the user as a fallible component in the way Human Error And Reliability does.

Key Points

Cybersecurity protects digital assets across society. Governments, corporations, financial institutions, and hospitals collect, process, and store confidential information across networks, often without the data owner's specific approval, and the growing volume and sophistication of cyber-attacks makes protecting this information a persistent concern (PDF p. 2, orig. p. 1108).

Trust is a core human-factors construct in this domain. How people trust is widely studied in social psychology, and since the Internet and e-commerce became common, trust in computers and websites has been studied extensively. This framing treats trust as an attitude that designers must understand and earn rather than assume (PDF pp. 2–3, orig. pp. 1108–1109).

The human is frequently the weakest link. Moallem reports that attackers acquire more passwords by tricking users than by cracking security technically; despite technical controls, social engineering circumvents them by targeting people directly (PDF p. 2, orig. p. 1108). Social engineering — techniques hackers use to obtain valuable property or confidential information by manipulating people — and phishing, in which a fraudulent email or site is disguised as legitimate, exemplify this human attack surface and have rendered some traditional defences ineffective (PDF p. 6, orig. p. 1112).

Conclusion

Moallem (2021) concludes that security is a human-factors problem, not solely a technical one: because people are often the weakest link, defending against social engineering and phishing depends on usability, trust calibration, and the human-centered design of secure systems rather than on technical controls alone.

References

Moallem, A. (2021) 'Cybersecurity, Privacy, and Trust', in Salvendy, G. & Karwowski, W. (eds.) Handbook of Human Factors and Ergonomics. 5th edn. Hoboken, NJ: John Wiley & Sons.

Open Questions

  • How can interfaces be designed to help users detect phishing and social-engineering attempts reliably?
  • How should trust in computer systems be calibrated so that users neither over-trust fraudulent systems nor under-trust legitimate ones?