Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.822298
Title: A formal approach for the analysis of the security of socio-technical systems
Author: Sempreboni, Diego
ISNI: 0000 0005 0287 5422
Awarding Body: King's College London
Current Institution: King's College London (University of London)
Date of Award: 2020
Abstract:
There is an increasing number of ICT systems (e.g. to communicate, do business, vote, control industrial processes or critical infrastructures, etc.) whose security depends intrinsically on human users. Concomitantly, there are many reported critical vulnerabilities that are due to users failing to follow security procedures or to behave as ICT scientists have decided is appropriate. A solution to this problem will only be found by addressing it radically differently, by treating it as a true socio-technical problem rather than just a technical one. We must understand how the technical components (e.g., software processes and digital communication protocols) and the social components (e.g., user interaction processes and user behaviour) of a system interoperate, and thus consider the system as a true socio-technical system, with people at its heart. This requires extending the technical analysis approaches with a mature understanding of human behaviour, as humans are complicated and nothing guarantees that, even if they learned how to operate a technology, either from a manual or through its use, they will comply with what they learned. Reasons include cognitive biases, fallacies, ignorance, distraction, laziness, curiosity of different uses, insufficient awareness of the security sensitivity of their behaviour, etc. This thesis focuses on developing an innovative methodology to analyse the socio-technical security of ICT systems.
To advance the state of the art to the point where the wide spectrum of socio-technical security features of systems can be modelled formally and automatically analysed, this thesis aims to: (i) design a methodology to tackle the socio-technical security of systems; (ii) define a formal modelling language expressive enough to cover the diverse security features of socio-technical systems; (iii) define libraries of prototypical socio-technical security properties, behavioural user models, and socio-technical attack/threat models; (iv) implement a toolkit, an integrated front-end to holistically conduct formal security analysis of socio-technical systems; and (v) demonstrate a proof-of-concept on a number of archetypal case studies.
Supervisor: Vigano, Luca
Sponsor: Not available
Qualification Name: Thesis (Ph.D.)
Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.822298
DOI: Not available