Cybersecurity Awareness by Unknown
Author:Unknown
Language: eng
Format: epub
ISBN: 9783031042270
Publisher: Springer International Publishing
5.5.4.1 Awareness Requirements, Baseline Level
For interpreting the baseline level of awareness, which is the state of cybersecurity awareness at the beginning of the project, we combine the scenario of cybersecurity decision-making with inferences from the user stories. In our discussion, we focus on system administrators (level 3 of evaluation), but also on relevant aspects of the organisation (level 4).
A1, Perception (The âAâ in âA1â signifies âawarenessâ): Threat perception at baseline is not immediate, as it usually depends on the system administrator (the user) being informed of an incident (by a service user, or a system alert). Then, the user has to identify the threat, discover its possible impact, such as inferring when the issue probably appeared, in what part of the municipality network, or with which employees. Our understanding is that the focus in both municipalities is on threat identification, and less on the other processes (comprehension, projection, decision-making). Base-level perception is not immediate, identification can be time-consuming, focuses on individual service users, and is local (part of the system), not (whole) system oriented.
A2, Comprehension: For further understanding of a threat, if it is not already well known, a system administrator has to access the same resources as for identification. Searching for and reading relevant information may take time, depending on the experience of the administrator, and often does not happen at all. The administrator may have to research log-files of the system, and maybe of particular services, to figure out what exactly is the problem. System administrators may do this, if they are responsible for the network or a part of it. If their role is to manage the database of a particular service, they may not be interested in such log files. In that case, communication with another specialist is needed, for exchange of information about the threat to be collected and understood.
For awareness this means that for a system administrator resolving a threat, full comprehension is not always necessary, and sharing information is only needed sometimes. Therefore, comprehension is limited, both at the individual and at the organisational levels.
A3, Projection: If the system administrator wants to understand the risks imposed by a threat to a system node, as well as to the other nodes, and which services will be in danger, a thorough understanding of the network as well as of the information flow in which the affected nodes are involved is a requirement. As awareness often is distributed, these aspects of resolution are a problem for users, especially in larger organisations. Users may be very knowledgeable about their own service, but may not always oversee the possible implications for the rest of the network.
For awareness, this means that projection is local, and users may lack the knowledge to research their network. In Larissa, communicating with colleagues often solved the problem. In Rome, such communication may be more complicated, and require the intervention of management.
A4: Decision: The final phase is called decision-making, and this involves several different actions. In the baseline situation, it usually means resolving the threat, for example by applying a patch or update, or blocking a user or part of the network.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
| AI & Machine Learning | Bioinformatics |
| Computer Simulation | Cybernetics |
| Human-Computer Interaction | Information Theory |
| Robotics | Systems Analysis & Design |
Algorithms of the Intelligent Web by Haralambos Marmanis;Dmitry Babenko(8332)
Test-Driven Development with Java by Alan Mellor(7024)
Data Augmentation with Python by Duc Haba(6946)
Principles of Data Fabric by Sonia Mezzetta(6678)
Learn Blender Simulations the Right Way by Stephen Pearson(6589)
Microservices with Spring Boot 3 and Spring Cloud by Magnus Larsson(6448)
Hadoop in Practice by Alex Holmes(5977)
RPA Solution Architect's Handbook by Sachin Sahgal(5840)
Jquery UI in Action : Master the concepts Of Jquery UI: A Step By Step Approach by ANMOL GOYAL(5831)
The Infinite Retina by Robert Scoble Irena Cronin(5543)
Big Data Analysis with Python by Ivan Marin(5507)
Life 3.0: Being Human in the Age of Artificial Intelligence by Tegmark Max(5182)
Pretrain Vision and Large Language Models in Python by Emily Webber(4471)
Infrastructure as Code for Beginners by Russ McKendrick(4259)
Functional Programming in JavaScript by Mantyla Dan(4059)
The Age of Surveillance Capitalism by Shoshana Zuboff(3981)
WordPress Plugin Development Cookbook by Yannick Lefebvre(3965)
Embracing Microservices Design by Ovais Mehboob Ahmed Khan Nabil Siddiqui and Timothy Oleson(3768)
Applied Machine Learning for Healthcare and Life Sciences Using AWS by Ujjwal Ratan(3742)
