Towards projection of the individualised risk assessment for the cybersecurity workforce

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces Pub Date : 2024-12-19 DOI:10.1016/j.csi.2024.103962

Agnė Brilingaitė , Linas Bukauskas , Ingrida Domarkienė , Tautvydas Rančelis , Laima Ambrozaitytė , Rūta Pirta , Ricardo G. Lugo , Benjamin J. Knox

{"title":"Towards projection of the individualised risk assessment for the cybersecurity workforce","authors":"Agnė Brilingaitė , Linas Bukauskas , Ingrida Domarkienė , Tautvydas Rančelis , Laima Ambrozaitytė , Rūta Pirta , Ricardo G. Lugo , Benjamin J. Knox","doi":"10.1016/j.csi.2024.103962","DOIUrl":null,"url":null,"abstract":"<div><div>In the era of global digitalisation, there is rapid development of services requiring cybersecurity resilience against adversarial actions. The demand for skilled cybersecurity professionals is at an all-time high, with over three million positions yet to be filled worldwide. Employers call for help to recruit and retain specialists as a stressful cybersecurity work environment increases the risk of insecure and non-compliant behaviour. Current training methodologies need to be revised to address this issue, underlining the need for a shift towards more individualised training methods to raise awareness about personal traits that impact professional conduct. This paper introduces a multi-disciplinary model that enables the personal trait triangulation of the cybersecurity specialist from three different perspectives: human genetics, psychology, and information and communication technology. The model offers a novel approach by incorporating a self-regulation feature, exemplified through impulsivity measured by the Barratt Impulsiveness Scale, and leveraging a web-based system for both psychological assessment and cybersecurity task completion. Pilot experimental data (n=48) was used for model building and proof of concept. The example demonstrates model potential in individual behaviour prognosis. It suggests its utility in tailoring training strategies that not only enhance cybersecurity performance but also aid in workforce retention by acknowledging and addressing the complex interplay of factors influencing daily cyber routines.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103962"},"PeriodicalIF":4.1000,"publicationDate":"2024-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Standards & Interfaces","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0920548924001314","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

In the era of global digitalisation, there is rapid development of services requiring cybersecurity resilience against adversarial actions. The demand for skilled cybersecurity professionals is at an all-time high, with over three million positions yet to be filled worldwide. Employers call for help to recruit and retain specialists as a stressful cybersecurity work environment increases the risk of insecure and non-compliant behaviour. Current training methodologies need to be revised to address this issue, underlining the need for a shift towards more individualised training methods to raise awareness about personal traits that impact professional conduct. This paper introduces a multi-disciplinary model that enables the personal trait triangulation of the cybersecurity specialist from three different perspectives: human genetics, psychology, and information and communication technology. The model offers a novel approach by incorporating a self-regulation feature, exemplified through impulsivity measured by the Barratt Impulsiveness Scale, and leveraging a web-based system for both psychological assessment and cybersecurity task completion. Pilot experimental data (n=48) was used for model building and proof of concept. The example demonstrates model potential in individual behaviour prognosis. It suggests its utility in tailoring training strategies that not only enhance cybersecurity performance but also aid in workforce retention by acknowledging and addressing the complex interplay of factors influencing daily cyber routines.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Standards & Interfaces 工程技术-计算机：软件工程

CiteScore

11.90

自引率

16.00%

发文量

审稿时长

6 months

期刊介绍： The quality of software, well-defined interfaces (hardware and software), the process of digitalisation, and accepted standards in these fields are essential for building and exploiting complex computing, communication, multimedia and measuring systems. Standards can simplify the design and construction of individual hardware and software components and help to ensure satisfactory interworking. Computer Standards & Interfaces is an international journal dealing specifically with these topics. The journal • Provides information about activities and progress on the definition of computer standards, software quality, interfaces and methods, at national, European and international levels • Publishes critical comments on standards and standards activities • Disseminates user''s experiences and case studies in the application and exploitation of established or emerging standards, interfaces and methods • Offers a forum for discussion on actual projects, standards, interfaces and methods by recognised experts • Stimulates relevant research by providing a specialised refereed medium.