55,614 research outputs found
Gamification as a neuroergonomic approach to improving interpersonal situational awareness in cyber defense
In cyber threat situations, the establishment of a shared situational awareness as a basis for cyber defense decision-making results from adequate communication of a Recognized Cyber Picture (RCP). RCPs consist of actively selected information and have the goal of accurately presenting the severity and potential consequences of the situation. RCPs must be communicated between individuals, but also between organizations, and often from technical to non-/less technical personnel. The communication of RCPs is subject to many challenges that may affect the transfer of critical information between individuals. There are currently no common best practices for training communication for shared situational awareness among cyber defense personnel. The Orient, Locate, Bridge (OLB) model is a pedagogic tool to improve communication between individuals during a cyber threat situation. According to the model, an individual must apply meta-cognitive awareness (O), perspective taking (L), and communication skills (B) to successfully communicate the RCP. Gamification (applying game elements to non-game contexts) has shown promise as an approach to learning. We propose a novel OLB-based Gamification design to improve dyadic communication for shared situational awareness among (technical and non-technical) individuals during a cyber threat situation. The design includes the Gamification elements of narrative, scoring, feedback, and judgment of self. The proposed concept contributes to the educational development of cyber operators from both military and civilian organizations responsible for defending and securing digital infrastructure. This is achieved by combining the elements of a novel communication model with Gamification in a context in urgent need for educational input.publishedVersio
Gamification as a neuroergonomic approach to improving interpersonal situational awareness in cyber defense
In cyber threat situations, the establishment of a shared situational awareness as a basis for cyber defense decision-making results from adequate communication of a Recognized Cyber Picture (RCP). RCPs consist of actively selected information and have the goal of accurately presenting the severity and potential consequences of the situation. RCPs must be communicated between individuals, but also between organizations, and often from technical to non−/less technical personnel. The communication of RCPs is subject to many challenges that may affect the transfer of critical information between individuals. There are currently no common best practices for training communication for shared situational awareness among cyber defense personnel. The Orient, Locate, Bridge (OLB) model is a pedagogic tool to improve communication between individuals during a cyber threat situation. According to the model, an individual must apply meta-cognitive awareness (O), perspective taking (L), and communication skills (B) to successfully communicate the RCP. Gamification (applying game elements to non-game contexts) has shown promise as an approach to learning. We propose a novel OLB-based Gamification design to improve dyadic communication for shared situational awareness among (technical and non-technical) individuals during a cyber threat situation. The design includes the Gamification elements of narrative, scoring, feedback, and judgment of self. The proposed concept contributes to the educational development of cyber operators from both military and civilian organizations responsible for defending and securing digital infrastructure. This is achieved by combining the elements of a novel communication model with Gamification in a context in urgent need for educational input
A decision support system for corporations cyber security risk management
This thesis presents a decision aiding system named C3-SEC (Contex-aware Corporative
Cyber Security), developed in the context of a master program at Polytechnic Institute of
Leiria, Portugal. The research dimension and the corresponding software development
process that followed are presented and validated with an application scenario and case study
performed at Universidad de las Fuerzas Armadas ESPE – Ecuador.
C3-SEC is a decision aiding software intended to support cyber risks and cyber threats
analysis of a corporative information and communications technological infrastructure. The
resulting software product will help corporations Chief Information Security Officers
(CISO) on cyber security risk analysis, decision-making and prevention measures for the
infrastructure and information assets protection.
The work is initially focused on the evaluation of the most popular and relevant tools
available for risk assessment and decision making in the cyber security domain. Their
properties, metrics and strategies are studied and their support for cyber security risk
analysis, decision-making and prevention is assessed for the protection of organization's
information assets.
A contribution for cyber security experts decision support is then proposed by the means of
reuse and integration of existing tools and C3-SEC software. C3-SEC extends existing tools
features from the data collection and data analysis (perception) level to a full context-ware
reference model.
The software developed makes use of semantic level, ontology-based knowledge
representation and inference supported by widely adopted standards, as well as cyber
security standards (CVE, CPE, CVSS, etc.) and cyber security information data sources
made available by international authorities, to share and exchange information in this
domain. C3-SEC development follows a context-aware systems reference model addressing
the perception, comprehension, projection and decision/action layers to create corporative
scale cyber security situation awareness
Dynamic cyber-incident response
Permission to make digital or hard copies of this publication for internal use within NATO and for personal or educational use when for non-profi t or non-commercial purposes is granted providing that copies bear this notice and a full citation on the first page. Any other reproduction or transmission requires prior written permission by NATO CCD COE.Traditional cyber-incident response models have not changed significantly since the early days of the Computer Incident Response with even the most recent incident response life cycle model advocated by the US National Institute of Standards and Technology (Cichonski, Millar, Grance, & Scarfone, 2012) bearing a striking resemblance to the models proposed by early leaders in the field e.g. Carnegie-Mellon University (West-Brown, et al., 2003) and the SANS Institute (Northcutt, 2003). Whilst serving the purpose of producing coherent and effective response plans, these models appear to be created from the perspectives of Computer Security professionals with no referenced academic grounding. They attempt to defend against, halt and recover from a cyber-attack as quickly as possible. However, other actors inside an organisation may have priorities which conflict with these traditional approaches and may ultimately better serve the longer-term goals and objectives of an organisation
Securing the Participation of Safety-Critical SCADA Systems in the Industrial Internet of Things
In the past, industrial control systems were ‘air gapped’ and
isolated from more conventional networks. They used
specialist protocols, such as Modbus, that are very different
from TCP/IP. Individual devices used proprietary operating
systems rather than the more familiar Linux or Windows.
However, things are changing. There is a move for greater
connectivity – for instance so that higher-level enterprise
management systems can exchange information that helps
optimise production processes. At the same time, industrial
systems have been influenced by concepts from the Internet
of Things; where the information derived from sensors and
actuators in domestic and industrial components can be
addressed through network interfaces. This paper identifies a
range of cyber security and safety concerns that arise from
these developments. The closing sections introduce potential
solutions and identify areas for future research
Recommended from our members
The THREAT-ARREST Cyber-Security Training Platform
Cyber security is always a main concern for critical infrastructures and nation-wide safety and sustainability. Thus, advanced cyber ranges and security training is becoming imperative for the involved organizations. This paper presets a cyber security training platform, called THREAT-ARREST. The various platform modules can analyze an organization’s system, identify the most critical threats, and tailor a training program to its personnel needs. Then, different training programmes are created based on the trainee types (i.e. administrator, simple operator, etc.), providing several teaching procedures and accomplishing diverse learning goals. One of the main novelties of THREAT-ARREST is the modelling of these programmes along with the runtime monitoring, management, and evaluation operations. The platform is generic. Nevertheless, its applicability in a smart energy case study is detailed
Security Evaluation of Cyber-Physical Systems in Society- Critical Internet of Things
In this paper, we present evaluation of security
awareness of developers and users of cyber-physical systems. Our
study includes interviews, workshops, surveys and one practical
evaluation. We conducted 15 interviews and conducted survey with
55 respondents coming primarily from industry. Furthermore, we
performed practical evaluation of current state of practice for a
society-critical application, a commercial vehicle, and reconfirmed
our findings discussing an attack vector for an off-line societycritical
facility. More work is necessary to increase usage of security
strategies, available methods, processes and standards. The security
information, currently often insufficient, should be provided in the
user manuals of products and services to protect system users. We
confirmed it lately when we conducted an additional survey of
users, with users feeling as left out in their quest for own security
and privacy. Finally, hardware-related security questions begin to
come up on the agenda, with a general increase of interest and
awareness of hardware contribution to the overall cyber-physical
security. At the end of this paper we discuss possible
countermeasures for dealing with threats in infrastructures,
highlighting the role of authorities in this quest
- …