ABSTRACT

The Cognitive Risk Framework for Cybersecurity (CRFC) is an overarching risk framework that integrates technology and behavioral science to create novel approaches to internal controls design that act as countermeasures, lowering the risk of cognitive hacks. Intentional controls design recognizes the importance of trust in networked information systems by systematically engineering automation into internal controls design, reducing "cognitive load" for ensuring routine compliance and risk controls without human intervention. Cognitive informatics security is a rapidly evolving discipline within cybersecurity and healthcare, with diverse branches that make it difficult to arrive at a single definition. The Cyber Risk Governance (CRG) pillar is concerned with the role of the board of directors and senior management in strategic planning and executive sponsorship of cybersecurity. The Cybersecurity Intelligence and Defense Strategies (CIDS) pillar is based on the principles of the 17-member Defense Intelligence and Intelligence community "Joint Intelligence" report.