Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben

2022 | Buch

A Case for Cybersecurity Awareness Systems Kapitel lesen Erstes Kapitel lesen

Cybersecurity Awareness

herausgegeben von: Jerry Andriessen, Dr. Thomas Schaberreiter, Alexandros Papanikolaou, Juha Röning

Verlag: Springer International Publishing

Buchreihe : Advances in Information Security

Enthalten in: Springer Professional "Wirtschaft+Technik" , Springer Professional "Technik" , Springer Professional "Wirtschaft"

Einloggen, um Zugang zu erhalten
insite
SUCHEN

Über dieses Buch

This contributed volume tells the story of the establishment of a cybersecurity awareness framework for organizations, and how it was piloted in two public sector municipal contexts. It presents a clear picture of cybersecurity issues in municipalities and proposes a socio-technical solution for creating cybersecurity awareness, how to build the solution and what the impact is on the municipal contexts. The 9 chapters for this book also provide information regarding the design, the deployment and the evaluation of the technology.

This book builds on the success of the European Horizon 2020 research and innovation project CS-AWARE. The research proposes the first cybersecurity situational awareness solution for local public administrations based on an analysis of the context, provides automatic incident detection and visualization, and enables information exchange with relevant national and EU level authorities involved in legislation and network security.

Cybersecurity is one of the most challenging security problems for commercial companies, NGOs, governmental institutions as well as individuals. Reaching beyond the technology focused boundaries of classical information technology (IT) security, cybersecurity includes organizational and behavioral aspects of IT systems and that needs to comply to legal and regulatory framework for cybersecurity. While large corporations might have the resources to follow those developments and bring their IT infrastructure and services in line with the requirements, the burden for smaller organizations like local public administrations will be substantial and the required resources might not be available. New and innovative solutions that would help local public administration to ease the burden of being in line with cybersecurity requirements are needed.

This book targets researchers working in cybersecurity, computer scientists, social scientists and advanced level students studying computer science and other related disciplines. Cybersecurity professionals as well as professionals working in local government contexts, including policy makers, communication experts and system administrators will also benefit from this book.

Inhaltsverzeichnis

Frontmatter
Chapter 1. A Case for Cybersecurity Awareness Systems
Abstract
This Chapter intends to provide the context and environment leading to the development of the CS-AWARE cybersecurity awareness solution, which was comprehensively piloted and evaluated in the local public administration (LPA) use case during the CS-AWARE H2020 European research and innovation project. The Chapter assesses the main factors driving cybersecurity from a holistic multi-angle perspective, and reviews the currently actively developing European legislative cybersecurity environment, which is introducing a multi-level cybersecurity framework centred around awareness and cooperation/collaboration. Furthermore, this Chapter highlights in more detail the specific cybersecurity requirements for LPAs, which is heavily focused on the critical data they manage, and emphasizes why cybersecurity awareness plays such a crucial role in future collaborative cybersecurity in Europe, and why significant cybersecurity gains can be achieved by introducing awareness and collaboration in the context of cybersecurity management in organizations like LPAs. In the conclusion of this Chapter, we provide a brief outlook on the following chapters, which present the key aspects of the CS-AWARE cybersecurity awareness solution in greater detail.
Thomas Schaberreiter, Gerald Quirchmayr, Alexandros Papanikolaou
Chapter 2. The Socio-Technical Approach to Cybersecurity Awareness
Abstract
This chapter gives an overview of socio-technical systems, and socio-technical systems analysis. It describes the approach taken in conducting the Systems Dependency Analysis (SDA), and the part of the Soft Systems Methodology that was used to enable the participants in the workshops to describe and analyse their organisation’s systems, applications and networks.
Christopher Wills
Chapter 3. Story Telling
Abstract
In this chapter, we present our qualitative approach to understanding local cybersecurity awareness at the beginning of the project, that is, before the system was designed and implemented. We explain the rationale, the design and the outcomes of the one-day workshop, that we call the story-telling workshop. The purpose of the story-telling workshop was to better understand participant experiences, in order to interpret their needs, roles and views about dealing with cybersecurity in their professional contexts. For interpretation of stories, we propose a framework inspired by cultural-historical activity theory. This approach allowed us to dig deeper into the norms, rules, objectives and organizational constraints underlying participants’ ideas and awareness about cybersecurity in their context. After that, we present the results of our interpretations for system administrators and system network users, separately, for the two municipalities. Our approach proves to be adequate to lay out the tensions in the activities of two user groups in the two municipalities. Also, the approach was powerful in the sense of its sensitivity to the differences and similarities in cybersecurity awareness at the two pilot sites.
Jerry Andriessen, Mirjam Pardijs
Chapter 4. The Design of CS-AWARE Technology
Abstract
We present the design of the CS-AWARE technology. We show the framework of components and information flow during operation. Particular attention focuses on the design of the CS-AWARE interface. In the description, we underline several phases of development, and how these were influenced by socio-technical considerations.
Alexandros Papanikolaou, Kim Gammelgaard
Chapter 5. Deployment and Validation of the CS-AWARE Solution at Two Pilot Sites: A Combined Agile Software Development and Design-Based Research Approach
Abstract
The main objective of this chapter is to discuss the deployment of the CS-AWARE solution at two local public administration (LPA) user sites as pilot case studies, and to evaluate the results and success of the solution through end user validation. This objective is achieved through local pilot-specific development and learning. This means that we evaluate the specific dynamics of each pilot to see to what extent this case realises the goals that have been set by the LPA and relevant stakeholders. We involve users in all phases of deployment, and especially in a number of usability sessions. Furthermore, through assessment and comparative benchmarking, the results from the different pilots will be compared to evaluate similarities and differences. This type of evaluation is needed to draw more generalisable conclusions about cybersecurity solutions. Finally, the results of the pilots allow to derive lessons learned and to draw conclusions from each pilot to help form the final shape of the CS-AWARE solution.
Jerry Andriessen, Thomas Schaberreiter, Christopher Wills, Kim Gammelgaard
Chapter 6. Cybersecurity Awareness in Rome and Larissa: Before, During and After CS-AWARE
Abstract
In this chapter is presented the viewpoint of the users of the CS-AWARE technology, the pilot municipalities of Rome and Larissa. This viewpoint has in part been elicited through stories and workshops, and in part is directly written in the text of this chapter. Users address their motivations, their objectives, their expectations for the CS-AWARE system. Crucially, the present the main impacts of their participation in this project: increased reflection, increased understanding of their own context and system, increased teambuilding and collaboration, and collaboration with academy.
Arianna Bertollini, Massimo Ferrarelli, Omar Parente, Claudio Ferilli, Thanasis Poultsidis, Jerry Andriessen, Thomas Schaberreiter, Alexandros Papanikolaou
Chapter 7. Marketing a cybersecurity Awareness Solution in LPA Contexts
Abstract
We discuss marketing CS-AWARE in the public sector using Italy as a case study. It is explained that the public sector is complicated, and heterogeneous in size, policies, degree of autonomy and cooperation. Most municipalities in Italy are quite small. Of the 7958 municipalities in Italy over 5541 have less than 5000 inhabitants. The average population of Italian municipalities is 7614. A common factor for many municipalities has been declining budgets, inadequate staffing levels, an aging work force, and increased demand for social services. Municipal officials in smaller municipalities typically lack the relevant knowledge to manage cybersecurity solutions, and a further complication there is often no explicit security policy. We look at the need for a good content strategy in developing marketing campaigns for cybersecurity solutions. Developing and maintaining good relationships and credibility are critical in the context of the Italian market for any eventual campaign among municipalities. Despite the trend towards pan-European markets, the Italian market is still characterised by reliance on personal contacts and networks developed internally. Various tactics for developing and evaluating marketing campaigns are reviewed. For many municipal leaders it is the socio-technical approach to cybersecurity awareness that appeals the most. This type of approach, we note, allows local government officials to understand better their organization's needs and how they might meet better their essential mission of service delivery for their communities. Combining the collaborative nature of the CS-AWARE approach with effective, well developed content dissemination will be, we suggest, the key to promoting an eventual cybersecurity campaign.
John Forrester, Manuel Leiva Lopez, Massimo Della Valentina
Chapter 8. Can CS-AWARE be Adapted to the Needs of Different User Groups?
Abstract
This chapter discusses the exploration of possibilities for adapting the CS-AWARE platform to the needs of different user groups, following an agile rapid prototyping and validation approach. This analysis is carried out by combining the results of the workshops assessed during CS-AWARE with an empirical evaluation regarding visualization techniques in state-of-the-art research. The results are used as a baseline regarding requirements for an interdependent multi-stakeholder collaborative environment encompassing the concepts of collaboration & communication, multi-stakeholder involvement, multi-stakeholder visualization, and situational awareness. A prototype testbed is used to evaluate the findings from employees working in cybersecurity as a focus group, as well as the general IT and economic sector to enable a cross-domain evaluation. The overall results focus on insights pertaining to data exploration, communication, and distinctions between research and market implementations.
Christian Luidold
Chapter 9. Other Applications for Cybersecurity Awareness
Abstract
We characterise the main aspects of the CS-AWARE approach and intervention in two municipalities. We apply these aspects to six examples of possible domains for which our approach to cybersecurity awareness could make a significant contribution: knowledge management within organisations, collaboration between organisations and agencies, smart city applications, e-Democracy in times of COVID, cross-sector and cross-border dependencies, and, finally, autonomous robots, on the ground, in the air, or on water.
Jerry Andriessen, Thomas Schaberreiter, Alexandros Papanikolaou, Christopher Wills, Juha Röning
Metadaten
Titel
Cybersecurity Awareness
herausgegeben von
Jerry Andriessen
Dr. Thomas Schaberreiter
Alexandros Papanikolaou
Juha Röning
Copyright-Jahr
2022
Electronic ISBN
978-3-031-04227-0
Print ISBN
978-3-031-04226-3
DOI
https://doi.org/10.1007/978-3-031-04227-0