Bridging the Gap between Security Competencies and Security Threats: Toward a Cyber Security Domain Model
Bridging the Gap between Security Competencies and Security Threats: Toward a Cyber Security Domain Model
dc.contributor.author | Schütz, Florian | |
dc.contributor.author | Rampold, Florian | |
dc.contributor.author | Masuch, Kristin | |
dc.contributor.author | Köpfer, Patricia | |
dc.contributor.author | Mann, Dominik | |
dc.contributor.author | Warwas, Julia | |
dc.contributor.author | Trang, Simon | |
dc.date.accessioned | 2022-12-27T19:20:48Z | |
dc.date.available | 2022-12-27T19:20:48Z | |
dc.date.issued | 2023-01-03 | |
dc.description.abstract | Security incidents are increasing in a wide range of organizational types and sizes worldwide. Although various threat models already exist to classify security threats, they seem to take insufficient account of which organizational assets the threat events are targeting. Therefore, we argue that conducting more job-specific IT security training is necessary to ensure organizational IT security. This requires considering which assets employees use in their daily work and for which threat events employees need to build up IT security competencies. Subsequently, we build a framework-based Cyber Security Domain Model (CSDM) for IT-secure behavior. We follow the Evidence Centered Assessment Design (ECD) to provide a deep- dive analysis of the domain for IT-secure behavior. As the leading result relevant for research and practice, we present our CSDM consisting of 1,087 cyber threat vectors and apply it to five job specifications. | |
dc.format.extent | 10 | |
dc.identifier.doi | 10.24251/HICSS.2023.741 | |
dc.identifier.isbn | 978-0-9981331-6-4 | |
dc.identifier.uri | https://hdl.handle.net/10125/103375 | |
dc.language.iso | eng | |
dc.relation.ispartof | Proceedings of the 56th Hawaii International Conference on System Sciences | |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
dc.subject | Organizational Cybersecurity: Advanced Cyber Defense, Cyber Analytics, and Security Operations | |
dc.subject | domain analysis | |
dc.subject | evidence centered assessment design | |
dc.subject | security threats | |
dc.subject | seta programs | |
dc.title | Bridging the Gap between Security Competencies and Security Threats: Toward a Cyber Security Domain Model | |
dc.type.dcmi | text | |
prism.startingpage | 6118 |
Files
Original bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- 0596.pdf
- Size:
- 572.66 KB
- Format:
- Adobe Portable Document Format
- Description: