Skip to Main Content
Strengthen your email security practices with 50% off e-learning | Shop now
The psychology of information security

The Psychology of Information Security - Resolving conflicts between security compliance and human behaviour

SKU: 4736
Authors: Leron Zinatullin
Publishers: ITGP
Format: PDF
ISBN13: 9781849287906
Published: 26 Jan 2016
Availability: Available

Indispensable guide to help create a robust security culture that will be understood by your staff and the business.

  • Reveals the psychology behind information security to ensure the success of your security programme;
  • Provides advice and tips to mitigate many of the challenges faced in risk management; and
  • Includes valuable insights and recommendations to improve the culture and find the balance between security and productivity.

Pay by purchase order | Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account.  Apply online today or call our service centre team on 00 800 48 484 484.

Price: 15,95 €

Security programmes cannot succeed without considering people

When implementing security polices, information security professionals are constantly faced with a conflict between the security team and the rest of the business. They must ensure that their organisation is adequately addressing information security risks, whilst also communicating the value of security appropriately.

David Ferbrache, Technical Director at KPMG UK, says “No approach can ever succeed without considering people – and as a profession we need to look beyond our computers to understand the business, the culture of the organisations, and, most of all, how we can create a security environment which helps people feel free to actually do their job.”

By gaining an understanding of the psychology of information security, you can ensure your security programme is a success.

Understand human behaviour and users’ motivations

Based on insights gained from academic research and interviews with security professionals from various sectors, this essential guide explains the importance of careful risk management and reveals how to align a security programme with wider business objectives, providing methods and techniques to engage stakeholders and encourage buy-in.

The Psychology of Information Security redresses the balance by considering information security from both end users’ and security professionals’ perspectives, and helps you to understand how a security culture, that puts risk into context, promotes compliance.

Look inside this book >>


  • Introduction to information security
  • Risk management
  • The complexity of risk management
  • Stakeholders and communication
  • Information security governance
  • Problems with policies
  • How security managers make decisions
  • How users make decisions
  • Security and usability
  • Security culture
  • The psychology of compliance
  • Conclusion – Changing the approach to security
  • Appendix: Analogies


Augusta University’s Cyber Institute adopted the book “The Psychology of Information Security” as part of our Master’s in Information Security Management program because we feel that the human factor plays an important role in securing and defending an organization…We want our students to not only understand technical and managerial aspects of security, but psychological aspects as well.”

- Director of Graduate Studies in Information Security Management - Augusta University

Series information

The Psychology of Information Security is part of the Fundamentals Series, co-published by IT Governance Publishing and Information Security Buzz.

Ensure the success of your security programme by understanding the psychology of information security with this indispensable guide >>

About the author

Leron Zinatullin

Leron Zinatullin ( is an experienced risk consultant specialising in cyber security strategy, management and delivery. He has led large-scale, global, high-value security transformation projects with a view to improve cost performance and support business strategy.

He has extensive knowledge and practical experience in solving information security, privacy and architectural issues across multiple industry sectors.

He has an MSc in information security from University College London, where he focused on the human aspects of information security. His research was related to modelling conflicts between security compliance and human behaviour.

Customer Reviews