Bridging the Gap between Security Competencies and Security Threats: Toward a Cyber Security Domain Model
Loading...
Files
Date
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Interviewee
Narrator
Transcriber
Annotator
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
6118
Ending Page
Alternative Title
Abstract
Security incidents are increasing in a wide range of organizational types and sizes worldwide. Although various threat models already exist to classify security threats, they seem to take insufficient account of which organizational assets the threat events are targeting. Therefore, we argue that conducting more job-specific IT security training is necessary to ensure organizational IT security. This requires considering which assets employees use in their daily work and for which threat events employees need to build up IT security competencies. Subsequently, we build a framework-based Cyber Security Domain Model (CSDM) for IT-secure behavior. We follow the Evidence Centered Assessment Design (ECD) to provide a deep- dive analysis of the domain for IT-secure behavior. As the leading result relevant for research and practice, we present our CSDM consisting of 1,087 cyber threat vectors and apply it to five job specifications.
Description
Citation
Extent
10
Format
Geographic Location
Time Period
Related To
Proceedings of the 56th Hawaii International Conference on System Sciences
Related To (URI)
Table of Contents
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
Rights Holder
Catalog Record
Local Contexts
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.