Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A Prototype For HI²Ping Information Security Culture and Awareness Training
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
2012 (English)In: 2012 International Conference on E-Learning and E-Technologies in Education (ICEEE), Institute of Electrical and Electronics Engineers (IEEE), 2012, p. 32-36Conference paper, Published paper (Refereed)
Abstract [en]

In this short paper, we propose a security culture and awareness training platform that suite different learning styles and preferences. The objective is to operationalize the platform for improving individuals security awareness and learn more about their security mental models as well as how their cultural background influence their perception of security. Useful application of the tool is to enhance the effectiveness of security knowledge transfer in a security incident response process management and to develop staff commitment to security policies at organizations. The tool can also help on enabling a global security culture by creating a common understanding of security best practices. Qualitative results show the tool can play a promising role in security education as it combines different mediums for communicating the required information to fit the audience different learning styles.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2012. p. 32-36
Keywords [en]
Security Culture, Security Mental Models, Learning Styles, Security Awareness
National Category
Information Systems
Research subject
Computer and Systems Sciences
Identifiers
URN: urn:nbn:se:su:diva-100722DOI: 10.1109/ICeLeTE.2012.6333397ISBN: 978-1-4673-1679-8 (print)ISBN: 978-1-4673-1678-1 (electronic)OAI: oai:DiVA.org:su-100722DiVA, id: diva2:695730
Conference
2012 International Conference on e-Learning and e-Technologies in Education (ICEEE), Lodz, Poland, 24-26 September, 2012
Available from: 2014-02-12 Created: 2014-02-12 Last updated: 2019-04-17Bibliographically approved
In thesis
1. Cybersecurity Incident Response: A Socio-Technical Approach
Open this publication in new window or tab >>Cybersecurity Incident Response: A Socio-Technical Approach
2019 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

This thesis examines the cybersecurity incident response problem using a socio-technical approach. The motivation of this work is the need to bridge the knowledge and practise gap that exists because of the increasing complexity of cybersecurity threats and our limited capability of applying cybersecurity controls necessary to adequately respond to these threats. Throughout this thesis, knowledge from Systems Theory, Soft Systems Methodology and Socio-Technical Systems is applied to examine and document the socio-technical properties of cybersecurity incident response process. The holistic modelling of cybersecurity incident response process developed concepts and methods tested to improve the socio-technical security controls and minimise the existing gap in security controls.

The scientific enquiry of this thesis is based on pragmatism as the underpinning research philosophy.  The thesis uses a design science research approach and embeds multiple research methods to develop five artefacts (concept, model, method, framework and instantiation) outlined in nine peer-reviewed publications. The instantiated artefact embraces the knowledge developed during this research to provide a prototype for a socio-technical security information and event management system (ST-SIEM) integrated with an open source SIEM tool. The artefact relevance was validated through a panel of cybersecurity experts using a Delphi method. The Delphi method indicated the artefact can improve the efficacy of handling cybersecurity incidents.

Place, publisher, year, edition, pages
Stockholm: Department of Computer and Systems Sciences, Stockholm University, 2019. p. 133
Series
Report Series / Department of Computer & Systems Sciences, ISSN 1101-8526 ; 19-007
Keywords
cybersecurity incident response, SIEM, cybersecurity warning systems, socio-technical approach, organisation security culture
National Category
Computer Systems Information Systems, Social aspects
Research subject
Computer and Systems Sciences
Identifiers
urn:nbn:se:su:diva-167873 (URN)978-91-7797-715-5 (ISBN)978-91-7797-716-2 (ISBN)
Public defence
2019-06-07, L30, NOD-huset, Borgarfjordsgatan 12, Kista, 10:00 (English)
Opponent
Supervisors
Available from: 2019-05-15 Created: 2019-04-10 Last updated: 2019-05-15Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Search in DiVA

By author/editor
Al Sabbagh, BilalAmeen, Marihan
By organisation
Department of Computer and Systems Sciences
Information Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 191 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf