Organizational Cybersecurity: Advanced Cyber Defense, Cyber Analytics, and Security Operations
Permanent URI for this collection
Browse
Recent Submissions
Item A Framework for Collecting and Processing Publicly Available Security Information into Actionable Threat Intelligence(2025-01-07) Sauerwein, Clemens; Haas, Christoph; Breu, RuthObtaining timely information on vulnerabilities, attacks, threats, countermeasures and risks is crucial in combating today's sophisticated and constantly evolving security threats. The required information can be obtained from different sources, ranging from inter-organizational threat intelligence sharing platforms to publicly available security information sources. However, the heterogeneity of available information sources poses a major challenge for automatic collection and processing into actionable threat intelligence. To address this challenge, the following paper investigates methods for collecting and processing security information from diverse, heterogeneous sources into actionable threat intelligence. We present a generic extensible framework that enables the automatic generation of actionable threat intelligence from a variety of unstructured and structured security information sources.Item Moral Intensity Dimensions of Information Security Policy Compliance: Perspectives of Construal Level Theory and Ethical Theories(2025-01-07) Zheng, Dailin (Ellen); Walter, ZhipingSanctions are often ineffective in promoting employee compliance with information systems security policies (ISSPs) and may lead to undesired outcomes. We establish that ISSP compliance is an ethical decision and examine it through the lens of ethical decision-making using scenario-based surveys. Guided by normative ethical theories and the construal level theory, we find that both the opinions of co-workers and perceived negative consequences of noncompliance to the organization influence employee ISSP compliance intention. Additionally, perceived social distance affects employees’ assessment of when damages to the organization can occur. Both the assessed timing of damage and the perceived social distance from the organization influence employees’ judgment of potential damages from security breaches resulting from noncompliance. To improve compliance, we recommend organizations align employee compliance motivation with organizational security interests through clear communications of potential security breach damages, fostering a pro-compliance culture, and reducing the psychological distance employees feel from the organization.Item Harmonizing Paradoxical Tensions in SOCs: A Strategic Model for Integrating AI, Automation, and Human Expertise in Cyber Defense and Incident Response(2025-01-07) Saadallah, Mehdi; Shahim, Abbas; Khapova, SvetlanaSecurity operations centers (SOCs) from public and private industries are under pressure to cope with the surge of cyberattacks, making paradoxical tensions in strategic navigation within security operations centers (SOCs) a priority. Our research advances our understanding of ambidexterity in the cybersecurity field and introduces an equilibrium path for adaptability, consistency, expediency, and authority paradoxes through the strategic integration of artificial intelligence (AI), automation, and human expertise. We developed a conceptual model that incorporates insights from the identified paradoxical tensions, cybernetic, organizational paradox, complexity, and decision-making theories, underlining the importance of leveraging technological advancements while retaining the indispensable insights of human judgment and emphasizing the iterative loop required for SOCs to adapt to new threats and maintain a consistent, authoritative approach. Our findings indicate that the dynamic equilibrium of paradoxical tensions is not a fixed state but a perpetual journey of adaptation and refinement in today’s complex digital landscapes.Item How to Successfully Implement Phishing Awareness Training in Organizations: A Technology Adoption Perspective(2025-01-07) Geppert, Tim; Dudas, Tibor; Zimmermann, Severin; Sutter, Thomas; Ebert, NicoPhishing awareness training (PAT) is crucial for protecting organizations against such attacks. While most debate focuses on innovative approaches or the effectiveness of training, organizational aspects of PAT adoption are often overlooked. Success in implementing new technology depends greatly on organizational factors, making understanding their influence on PAT adoption essential. This paper examines PAT adoption using the technology organization environment (TOE) framework, a standard model in technology adoption studies. Key organizational factors in Switzerland were identified through a literature review and expert interviews, including staff traits, behavior, reporting procedures, norms, policies, and ethics. Technological factors such as integration, personalization, and training content are also critical, while legal regulations and external support are essential from an environmental perspective. These factors are mapped to adoption phases to guide practitioners and researchers regarding the risks and opportunities at each stage of PAT adoption.Item A Survey-Based Quantitative Analysis of Stress Factors and Their Impacts Among Cybersecurity Professionals(2025-01-07) Arora, Sunil; Hastings, JohnThis study investigates the prevalence and underlying causes of work-related stress and burnout among cybersecurity professionals using a quantitative survey approach guided by the Job Demands-Resources model. Analysis of responses from 50 cybersecurity practitioners reveals an alarming reality: 44% report experiencing severe work-related stress and burnout, while an additional 28% are uncertain about their condition. The demanding nature of cybersecurity roles, unrealistic expectations, and unsupportive organizational cultures emerge as primary factors fueling this crisis. Notably, 66% of respondents perceive cybersecurity jobs as more stressful than other IT positions, with 84% facing additional challenges due to the pandemic and recent high-profile breaches. The study finds that most cybersecurity experts are reluctant to report their struggles to management, perpetuating a cycle of silence and neglect. To address this critical issue, the paper recommends that organizations foster supportive work environments, implement mindfulness programs, and address systemic challenges. By prioritizing the mental health of cybersecurity professionals, organizations can cultivate a more resilient and effective workforce to protect against an ever-evolving threat landscape.Item The Role of Safety Voice in Improving Organizational Information Security(2025-01-07) Marett, Kent; Marett, EmilyOrganizational information security programs are typically thought to be driven from the top-down, but allowing employees to offer input is thought to be part of a comprehensive security climate. In this study, we investigate the role of employee safety voice in improving a company’s information security program. The results of an experiment comparing four types of safety voice suggest that the manner in which input is offered could be important, but the source of the input may be even more important. Male employees appear to be more effective at influencing managerial intentions to improve security than female employees. The implications and future directions of this research are discussed.Item Introduction to the Minitrack on Organizational Cybersecurity: Advanced Cyber Defense, Cyber Analytics, and Security Operations(2025-01-07) Kocsis, David; Steiner, Stu; Shepherd, Morgan; Conte De Leon, Daniel