Security awareness versus secure behaviour

This bibliometric analysis examines the evolving role of human behavior and IT practices in shaping cybersecurity research and strategies. By leveraging VOSviewer, we analyse a comprehensive dataset of Scopus articles to explore key themes, keyword co-occurrence, and the intersection between human vulnerabilities and technological solutions. Our findings reveal a persistent gap in addressing the human factor, with keywords such as 'human error,' 'social engineering,' and 'awareness' frequently emerging as critical vulnerabilities. The analysis also highlights the inadequate integration of human-centric solutions by IT professionals, as evidenced by weak connections between 'employee awareness,' 'cyber hygiene,' and 'cybersecurity culture.' Despite advancements in technology, the study underscores that cybersecurity's effectiveness is often compromised by human behavior, suggesting a need for deeper engagement with user training, organizational culture, and behavioral change. This bibliometric analysis contributes to understanding the critical blind spots in cybersecurity research, offering valuable insights into the overlooked relationship between human behavior and IT practices in safeguarding digital infrastructures.