EXPLORE PUBLICATIONS BY COUNTRIES


	EUROPE

	MIDDLE EAST

	ASIA

	AFRICA
.............................

	United States of America

	United Kingdom

	Canada

	Australia

	Italy

	France

	Brazil

	Germany

	Malaysia

	Turkey

	China

	Taiwan

	Japan

	Saudi Arabia

	Jordan

	Egypt

	United Arab Emirates

	India

	Nigeria

Human-Centric Artificial Intelligence In Cybersecurity: Integrating Cyberpsychology for The Next Generation Defense Mechanisms

Troy Coienth Troublefield

Pages - 1 - 25 | Revised - 01-04-2025 | Published - 30-04-2025

Published in International Journal of Security (IJS)

Volume - 16 Issue - 1 | Publication Date - April 2025 Table of Contents

MORE INFORMATION

References | Abstracting & Indexing

KEYWORDS

Artificial Intelligence (AI), Cyberpsychology, Human-Centric, Cybersecurity Defenses, Behavioral Insights, Cognitive Biases, Emotional Triggers, Phishing Prevention, Insider Threat, Mitigation, Adaptive Systems.

ABSTRACT

Artificial Intelligence (AI) has become a cornerstone of modern cybersecurity, enabling systems capable of detecting, mitigating, and responding to cyber threats with remarkable efficiency. Despite these advancements, a critical gap remains in addressing the human element is a major factor in cybersecurity vulnerabilities. Studies reveal that over 85% of breaches are attributable to human error, including cognitive biases, emotional triggers, and habitual behaviors. Traditional AI systems primarily focus on technical vulnerabilities, such as malware or network breaches, often neglecting these human dimensions. This oversight leaves organizations vulnerable to sophisticated attacks that exploit psychological weaknesses, including phishing, social engineering, and insider threats. Integrating cyberpsychology, the study of human behavior in digital environments, into AI systems offers a transformative approach to addressing these challenges. By leveraging insights into how individuals interact with technology, human-centric AI systems can predict and mitigate errors, guide users in real-time, and foster secure behaviors. For instance, emotion-aware AI can detect user frustration during password resets and offer tailored assistance, thereby reducing user errors and boosting satisfaction. Similarly, gamified training platforms incentivize engagement, enhancing awareness and long-term adherence to secure practices. Behavioral threat modeling, informed by cyberpsychology, further strengthens security by identifying anomalies, such as unusual login activity, and proactively addressing potential risks before incidents occur. This research explores the theoretical foundations, empirical evidence, and practical applications of human-centric AI in cybersecurity through a qualitative case study approach examining three distinct organizational contexts. The findings demonstrate substantial improvements in security outcomes when psychological principles are integrated into AI-driven systems, including a 48% reduction in phishing incidents, 92% accuracy in identifying potential insider threats, and significant improvements in security awareness through gamified training. These improvements highlight how merging technical innovation with psychological understanding enables adaptive, user-centered defenses that empower individuals while significantly reducing organizational risk. The human-centric approach establishes a new benchmark for resilient and effective cybersecurity strategies that address both technical and human dimensions of security.

REFERENCES

Aigbefo, Q. A., Blount, Y., & Marrone, M. (2022). The influence of hardiness and habit on security behaviour intention. Behaviour & Information Technology, 41(6), 1151-1170. https://doi.org/10.1080/0144929X.2020.1856928

Al-Hamar, Y., Kolivand, H., & Al-Hamar, A. (2024). Anti-phishing Attacks in Gamification. In Encyclopedia of Computer Graphics and Games (pp. 117-122). Cham: Springer International Publishing. https://doi.org/10.1007/978-3-031-23161-2_383

Al-Hashem, N., & Saidi, A. (2023). The psychological aspect of cybersecurity: understanding cyber threat perception and decision-making. International Journal of Applied Machine Learning and Computational Intelligence, 13(8), 11-22. Retrieved from https://neuralslate.com/index.php/Machine-Learning-Computational-I/article/view/41

Albarrak, A. M. (2024). Integration of Cybersecurity, Usability, and Human-Computer Interaction for Securing Energy Management Systems. Sustainability (2071-1050), 16(18). https://doi.org/10.3390/su16188144

Alsharida, R. A., Al-rimy, B. A. S., Al-Emran, M., & Zainal, A. (2023). A systematic review of multi perspectives on human cybersecurity behavior. Technology in Society, 73, 102258. https://doi.org/10.1016/j.techsoc.2023.102258

Binns, R. (2018). Fairness in machine learning: Lessons from political philosophy. Proceedings of the 2018 Conference on Fairness, Accountability, and Transparency, 149–159. https://doi.org/10.1145/3287560.3287583

Buchanan, T., Pavlickov�, A., B�sch, R., & Fernandes, M. (2021). Exploring the relationship between cognitive biases and susceptibility to phishing. Journal of Cybersecurity, 7(1), tyab017. https://doi.org/10.1093/cybsec/tyab017

Canfield, C. I., Fischhoff, B., & Davis, A. (2016). Quantifying phishing susceptibility for detection and behavior decisions. Human Factors, 58(8), 1158–1172. https://doi.org/10.1177/0018720816678612

Cram, W. A., Proudfoot, J. G., & D�arcy, J. (2017). Organizational information security policies: a review and research framework. European Journal of Information Systems, 26(6), 605-641. https://doi.org/10.1057/s41303-017-0059-9

Eswaran, U., Eswaran, V., Murali, K., & Eswaran, V. (2024). Human-Centric AI Balancing Innovation with Ethical Considerations in the Age of Soft Computing. In Soft Computing in Industry 5.0 for Sustainability (pp. 87-116). Cham: Springer Nature Switzerland. https://doi.org/10.1007/978-3-031-69336-6_4

Feraru, I., & Bacali, L. (2024). Explore the intersection of Self-Determination Theory and cybersecurity education-A literature review. International Journal of Advanced Statistics and IT&C for Economics and Life Sciences, 14(1).https://doi.org/10.2478/ijasitels-2024-0017

Floridi, L., & Cowls, J. (2019). A unified framework of five principles for AI in society. Harvard Data Science Review, 1(1). https://doi.org/10.1162/99608f92.8cd550d1

Hadlington, L. (2017). Human factors in cybersecurity: Examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky online behaviours. Heliyon, 3(7), e00346. https://doi.org/10.1016/j.heliyon.2017.e00346

Houser, A. M., & Bolton, M. L. (2025). Formal Mental Models for Human-Centered Cybersecurity. International Journal of Human-Computer Interaction, 41(2), 1414-1430. https://doi.org/10.1080/10447318.2024.2314353

IBM Security. (2023). Cost of a Data Breach Report 2023. Retrieved from https://www.ibm.com/security/data-breach

Kadena, E., & Gupi, M. (2021). Human factors in cybersecurity: Risks and impacts. Security Science Journal, 2(2), 51-64. https://doi.org/10.37458/ssj.2.2.3

Krylova-Grek, Y. (2019). Psycholinguistic aspects of humanitarian component of cybersecurity. Psycholinguistics, 26(1), 199-215. https://doi.org/10.31470/2309-1797-2023-34-1-111-128

Medoh, C., & Telukdarie, A. (2022). The future of cybersecurity: a system dynamics approach. Procedia Computer Science, 200, 318-326. https://doi.org/10.1016/j.procs.2022.01.230

Metwally, E. A., Haikal, N. A., & Soliman, H. H. (2022). Detecting semantic social engineering attack in the context of information security. In Digital Transformation Technology: Proceedings of ITAF 2020 (pp. 43-65). Springer Singapore. https://doi.org/10.1007/978-981-16-2275-5_3

Nobles, C. (2018). Botching human factors in cybersecurity in business organizations. HOLISTICA–Journal of Business and Public Administration, 9(3), 71-88. https://doi.org/10.2478/hjbpa-2018-0024

Nurse, J. R. C., Creese, S., Goldsmith, M., & Lamberts, K. (2019). Understanding insider threat: A framework for characterizing attacks. Journal of Organizational Computing and Electronic Commerce, 29(4), 269-298. https://doi.org/10.1080/10919392.2019.1630125

Palaniappan, S., Logeswaran, R., Khanam, S., & Gunawardhana, P. (2025). Social engineering threat analysis using large-scale synthetic data. Journal of Informatics and Web Engineering, 4(1), 70-80. https://doi.org/10.33093/jiwe.2025.4.1.6

Parsons, K., Butavicius, M., Delfabbro, P., & Lillie, M. (2019). Predicting susceptibility to social influence in phishing emails. International Journal of Human-Computer Studies, 128, 17-26. https://doi.org/10.1016/j.ijhcs.2019.02.007

Pollini, A., Callari, T. C., Tedeschi, A., Ruscio, D., Save, L., Chiarugi, F., & Guerri, D. (2022). Leveraging human factors in cybersecurity: an integrated methodological approach. Cognition, Technology & Work, 24(2), 371-390. https://doi.org/10.1007/s10111-021-00683-y

Renaud, K., & Zimmermann, V. (2018). Ethical guidelines for nudging in information security & privacy. International Journal of Human-Computer Studies, 120, 22-35. https://doi.org/10.1016/j.ijhcs.2018.05.011

Statista. (2023). Global phishing statistics 2023. Retrieved from https://www.statista.com

Tsohou, A., Karyda, M., & Kokolakis, S. (2015). Analyzing the role of cognitive and cultural biases in the internalization of information security policies: Recommendations for information security awareness programs. Computers & Security, 52, 128-141. https://doi.org/10.1016/j.cose.2015.04.006

Vishwanath, A., Herath, T., Chen, R., Wang, J., & Rao, H. R. (2018). Why do people get phished? Testing individual differences in phishing vulnerability within an integrated, information processing model. Decision Support Systems, 51(3), 576-586. https://doi.org/10.1016/j.dss.2011.03.002

Xu, T., & Rajivan, P. (2023). Determining psycholinguistic features of deception in phishing messages. Information & Computer Security, 31(2), 199-220. https://doi.org/10.1108/ICS-11-2021-0185

Yeo, L. H., & Banfield, J. (2022). Human factors in electronic health records cybersecurity breach: an exploratory analysis. Perspectives in Health Information Management, 19(Spring).

Yigit, Y., Kioskli, K., Bishop, L., Chouliaras, N., Maglaras, L., & Janicke, H. (2024). Enhancing cybersecurity training efficacy: A comprehensive analysis of gamified learning, behavioral strategies and digital twins. In 2024 IEEE 25th international symposium on a world of wireless, Mobile and Multimedia Networks (WoWMoM) (pp. 24-32). IEEE. https://doi.org/10.1109/WoWMoM60985.2024.00016

Zimmermann, V., & Renaud, K. (2019). Moving from a "human-as-problem" to a 'human-as-solution" cybersecurity mindset. International Journal of Human-Computer Studies, 131, 169-187. https://doi.org/10.1016/j.ijhcs.2019.05.005

Zwilling, M., Klien, G., Lesjak, D., Wiechetek, Ł., Cetin, F., & Basim, H. N. (2022). Cyber security awareness, knowledge, and behavior: A comparative study. Journal of Computer Information Systems, 62(1), 82-97. https://doi.org/10.1080/08874417.2020.1712269

MANUSCRIPT AUTHORS

Dr. Troy Coienth Troublefield

Cyberpsychology, Capitol Technology University, Laurel, MD, 20708 - United States of America

ttroublefield@captechu.edu

CREATE AUTHOR ACCOUNT

LAUNCH YOUR SPECIAL ISSUE

View all special issues >>

PUBLICATION VIDEOS