The increased reliance of organizations on information technology inherently increases their vulnerability to cyber-security attacks. As a response, a host of cyber-security approaches exists. While useful, these approaches exhibit shortcomings such as an inclination to be fragmented, not accounting for up-to-date organizational data, focusing on singular vulnerabilities only, and being reactive, i.e., focusing on patching up vulnerabilities in current systems. The paper presents and evaluates a modeling method aiming to address those shortcomings and to support security by design with a focus on the electricity sector. The proposed modeling method encompasses a multi-level reference model reconstructing and integrating existing initiatives and supporting top-down and bottom-up analyses. Compared to earlier work, the paper contributes (1) a process model for cyber-security by design, which proactively considers security as a first-class citizen during the design process, (2) a complete coverage of the multi-level model, in terms of three views complementing the introduced process model, (3) an elaborated evaluation, in terms of reporting on an additional design science cycle.

Enterprise Architecture (EA) debt emerges when short-term decisions lead to structural inefficiencies that hinder organizational agility and strategic alignment. This paper applies Work System Theory (WST) to categorize and analyze EA debt, offering a structured approach to identifying and managing it. We highlight key challenges, research gaps, and future directions by mapping EA debt to WST components. The findings emphasize the need for adaptive frameworks, improved stakeholder engagement, and systematic debt management strategies.

Sweden’s recent NATO membership marks a significant shift in the country’s national security strategy, particularly concerning cybersecurity. This study has assessed the current cybersecurity landscape in Sweden by conducting interviews with experts within the public sector and through document analysis. The interviewees included academics, researchers, and government officials from the municipal level to parliament. The study concludes how the threat environment has evolved following Sweden’s NATO membership. The study has identified key cyber threats facing Sweden, primarily from state-sponsored actors such as Advanced Persistent Threat (APT) groups and cybercriminal organizations targeting critical infrastructure. The study has also found disparities in cybersecurity preparedness between Sweden’s military and civilian sectors. The study emphasizes the need to strengthen civilian cybersecurity to reach a similar preparedness as the military to adapt to NATO’s requirements and stand ards.

Critical infrastructure (CI) faces a growing threat of cyber-attacks as digitalization expands across industries, necessitating robust cyber-security measures. This study focuses on the challenges of securing CI in Luxembourg, exploring both regulatory and organizational aspects. Semi-structured interviews with chief information security officers (CISOs) within Luxembourg’s CI sectors were conducted to gather insights. Thematic analysis revealed six key challenge themes: Regulatory Compliance, Industry Landscape and Adaptation, Resource Management, External Collaboration and Support, IT Infrastructure Management, and Operational Governance. The findings underscore the need for a comprehensive, multi-faceted approach involving international regulation alignment, streamlined reporting, enhanced national cyber-security support, government initiatives, and ongoing harmonization efforts across nations to address cyber-security challenges in critical infrastructure effectively.

Phishing attacks, a cybercrime where attackers deceive victims into revealing personal and financial information, present significant threats to cloud-based systems. Securing these environments has become paramount with the growing adoption of cloud services. This study addresses the research question: ”What is the overall perception of strategies in scientific publications to counter phishing attacks targeting cloud services?” Using a systematic literature review approach, the research synthesized findings from 13 selected scientific articles, focusing on technical and social defense strategies against phishing. The study highlights the human factor as a critical vulnerability despite existing technical solutions like advanced authentication, IDS (Intrusion Detection System), and machine learning. Effective defense requires combining technical measures with user education and adapting to evolving phishing strategies. It calls for greater integration of social aspects into technical solutions and targeted research on cloud-specific defenses and AI’s role in phishing mitigation.

The MISSION project aims to improve efficiency and reduce greenhouse gas emissions (GHG) in maritime transport by enabling just-in-time (JIT) port calls through digital coordination. Many ports still operate on a f irst-come-first-served (FCFS) basis, leading to unnecessary waiting times, fuel waste, and emissions. MISSION addresses these challenges by developing an interoperable, real-time optimization tool that supports better communication and collaboration between ships, ports, and hinterland logistics. This article presents the current state of the project.

This study evaluates the preparedness of Swedish critical infrastructure for the NIS2 directive, which sets enhanced EU standards for information- and cybersecurity. The research reveals a generally low competence level, highlighting a lack of readiness for the directive’s requirements. Variations in competence are influenced by organizational size, resource availability, and existing strategic processes. Larger organizations with roles like CISOs tend to have higher competence levels, yet significant gaps remain in meeting the directive’s demands. The study emphasizes the need for comprehensive business and gap analyses to identify critical areas for improvement. Organizations should adopt strategic, systematic approaches to cybersecurity that integrate with existing processes. Enhancing competencies requires increased investment in education and training, supported by leadership committed to fostering a robust security culture. The NIS2 directive should be seen not as a regulatory burden but as an opportunity to enhance resilience against cyber threats. Methodologically, the study uses a consistent semi-structured interview approach with experts and authorities to ensure validity and reliability. Although the qualitative nature of the research limits generalizability, it offers critical insights into Sweden’s cybersecurity readiness and the need for strategic improvements.

Developing domain-specific Meta Attack Languages (MAL) is essential yet labor-intensive in cybersecurity threat modeling, demanding technical expertise to convert unstructured knowledge into formal models. This study presents MAL-LLM, a system that leverages Large Language Models (LLMs) to automate the generation of MAL languages from sources like technical documentation and incident reports. Using a Design Science Research approach, MAL-LLM produces syntactically correct and semantically rich MAL-Languages more efficiently than manual methods. It outperforms a baseline LLM and human-created models in speed and structural accuracy, with minimal errors. Qualitative evaluation via the ExPerT framework shows high recall and domain relevance, though precision varies with source complexity. The system also generates executable MAL-related files for integration into existing toolchains. This work shows that LLMs can reduce development time and improve model quality, though challenges like hallucination control and stylistic consistency remain.

The MISSION project aims to revolutionize maritime transport by developing a digital tool for real-time optimization of port calls and voyages, thereby reducing fuel consumption, cutting greenhouse gas emissions, and decreasing waiting times through enhanced coordination and information sharing among stakeholders. However, the security of the involved IT systems is critical to ensure safe and reliable operations.

This paper introduces harborLang, a novel threat modeling language tailored for the maritime sector, built on the Meta Attack Language (MAL) framework. harborLang addresses the unique security challenges in maritime transport by enabling the modeling and mitigation of potential threats through detailed attack simulations. By integrating harborLang with the Yet Another Cybersecurity Risk Assessment Framework (YACRAF), the project enhances its risk analysis capabilities, allowing for precise threat scenarios that reflect the maritime environment's complexities. The combined use of harborLang and YACRAF facilitates comprehensive cybersecurity risk assessments, significantly improving decision-making, operational safety, and the overall cybersecurity posture of maritime and port operations.