Show simple item record

dc.contributor.authorEze, Thaddeus
dc.contributor.authorHawker, Neil
dc.date.accessioned2022-06-29T13:31:23Z
dc.date.available2022-06-29T13:31:23Z
dc.date.issued2022-07-22
dc.identifierhttps://chesterrep.openrepository.com/bitstream/handle/10034/626982/Eze_PatchingHumanVulnerability.pdf?sequence=1
dc.identifier.citationEze, T., & Hawker, N. (2022). CAP: Patching the human vulnerability. In N. Clarke & S. Furnell (Eds.), Human aspects of information security and assurance: 16th IFIP International Symposium, HAISA 2022, Mytilene, Lesbos, Greece, July 6–8, 2022, Proceedings (pp. 106-119). Springer.en_US
dc.identifier.isbn9783031121715
dc.identifier.doi10.1007/978-3-031-12172-2_9
dc.identifier.urihttp://hdl.handle.net/10034/626982
dc.description.abstractCyber threats to organisations across all industries are increasing in both volume and complexity, leading to significant, and sometimes severe, conse-quences. The common weakest link in organisations security is the human vulnerability. The sudden popularity of remote-working due to the Covid-19 pandemic opened organisations and their employees up to more risks, partic-ularly as many workers believe that they are more distracted when at home. Existing cyber training using a ‘one-size-fits-all’ approach has been proven inefficient/ineffective and the need for a more fit-for-purpose training is re-quired. When it comes to cyber training, we know that there is no single-training-fits-all solution – people have different technical skills, different prior knowledge and experience, are in different roles, exposed to different security risks, and require knowledge that is relevant to what they do. This study makes a case for tailored role-based cybersecurity training suitable for awareness within organisations across multiple industries. The study ex-plores the strengths and weaknesses of existing cyber training and literature to make recommendations on efficient awareness and training programme strategies. The study carries out knowledge and task analysis of job roles to create profiles of skills and knowledge they require. These are grouped by topic and level to form scenario-based multiple-choice questions which are mapped to create a Cyber Awareness Platform (CAP). A CAP prototype is in-troduced as a flexible web-based system allowing users to assess their prior knowledge and skills personalised to their role. Knowledge gaps and training needs are identified, and recommendations are tailored to the individual. Ini-tial analysis of CAP shows promising results, indicating that such role-sensitive solution would be highly beneficial to users. This offers further de-velopment opportunities in producing an all-in-one cyber assessment and training platform.en_US
dc.relation.urlhttps://haisa.org/en_US
dc.relation.urlhttps://link.springer.com/book/10.1007/978-3-031-12172-2
dc.rights.urihttps://creativecommons.org/licenses/by-nc-nd/4.0/en_US
dc.subjectCyber Awareness Platformen_US
dc.subjectCybersecurity Awarenessen_US
dc.subjectRole-based Trainingen_US
dc.subjectHuman Vulnerabilityen_US
dc.subjectTailored Cybersecurityen_US
dc.subjectTask Analysisen_US
dc.titleCAP: Patching the Human Vulnerabilityen_US
dc.typeConference Contributionen_US
dc.contributor.departmentUniversity of Chesteren_US
or.grant.openaccessYesen_US
rioxxterms.funderUnfundeden_US
rioxxterms.identifier.projectUnfundeden_US
rioxxterms.versionAMen_US
rioxxterms.licenseref.startdate2024-07-22
dcterms.dateAccepted2022-05-25
rioxxterms.publicationdate2022-07-22
dc.date.deposited2022-06-29en_US


Files in this item

Thumbnail
Name:
Eze_PatchingHumanVulnerability.pdf
Size:
470.3Kb
Format:
PDF

This item appears in the following Collection(s)

Show simple item record

https://creativecommons.org/licenses/by-nc-nd/4.0/
Except where otherwise noted, this item's license is described as https://creativecommons.org/licenses/by-nc-nd/4.0/