Title Mapping of cybersecurity competence assessment and human factors in cybersecurity exercises /
Authors Čiurlienė, Karina
Full Text Download
Is Part of Proceeding of international conference-2024: hybrid event, 17th -18 th May 2024 : abstract.. Institute for Technical and Academic Research (ITAR). 2024, p. 6
Keywords [eng] cybersecurity ; human factors ; cybersecurity defense exercises
Abstract [eng] The cyber attacks are becoming more sophisticated therefore higher competence of the cybersecurity professionals is required to protect IT systems. Knowledge and competencies are the key factors allowing one to recognize potential threats, understand the importance of security protocols, and adopt best practices, therefore education plays a crucial role in increasing the experience of cybersecurity professionals. Cybersecurity is an interdisciplinary field that includes aspects of information technology, forensics, and cognitive aspects of human behavior and thinking, so decision-making during cyber attacks or security incidents depends not only on technical knowledge but also on human factors such as personal data including experience, education, habits as well as social-psychological aspects such as emotional environment, self-control, motivation, etc. Therefore, a competence assessment of cybersecurity professionals must be performed including the aforementioned parameters. Also, it must be pointed out that data about the dominant characteristics and risks of cybersecurity professionals makes it easier to select appropriate competence assessment methods. The goal of this research was to analyze cybersecurity competence assessment methods based on data collected using surveys during the cybersecurity defense exercise „AMBER MIST 2023“ and the biggest hackathon of cyber defense and security innovations in the Baltic States – “FIRE SHIELD 2023” that was organized in Lithuania. Competence assessment data as well as human factors were included in the analysis. Also, the cybersecurity competence assessment method was proposed based on the following data such as user profile, experience in cybersecurity, teamwork, stress, emotion, and motivation. Moreover, Bloom’s taxonomy was used for mapping cybersecurity competence and assessment methods. The results of this research allow us to understand the relationship between the competence model and assessments as well as complement cybersecurity training programs.
Published Institute for Technical and Academic Research (ITAR)
Type Conference paper
Language English
Publication date 2024