Evaluation of a Tool to Increase Cybersecurity Awareness Among Non-experts (SME Employees)
| dc.contributor.author | Luan, Kaiying | |
| dc.contributor.author | Halvorsrud, Ragnhild | |
| dc.contributor.author | Boletsis, Costas | |
| dc.date.accessioned | 2023-03-07T14:07:22Z | |
| dc.date.available | 2023-03-07T14:07:22Z | |
| dc.date.created | 2023-03-03T11:24:54Z | |
| dc.date.issued | 2023 | |
| dc.identifier.citation | Proceedings of the International Conference on Information Systems Security and Privacy (ICISSP). 2023, 509-518. | en_US |
| dc.identifier.issn | 2184-4356 | |
| dc.identifier.uri | https://hdl.handle.net/11250/3056517 | |
| dc.description.abstract | Humans are the weak link in cybersecurity, hence, this paper considers the human factor in cybersecurity and how the customer journey approach can be used to increase cybersecurity awareness. The Customer Journey Modelling Language (CJML) is used to document and visualise a service process. We expand the CJML formalism to encompass cybersecurity and develop an easy-to-use web application as a supporting tool for training and awareness. We present the results from the usability test with ten persons in the target group and report on usability and feasibility. All participants managed to finish the test, and most participants indicated that the tool was easy to use. By using the tool, non-expert users can make user journey diagrams showing basic conformance in a short time without professional training. For the threat diagram, half of the users achieved full conformance. In conclusion, the tool can serve as low-threshold cybersecurity awareness training for SME employees. We discuss th e limitations and validity of the results and future work to improve the tool’s usability. | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | SciTePress | en_US |
| dc.relation.uri | https://www.scitepress.org/PublicationsDetail.aspx?ID=iK+gJ48P85c%3d&t=1 | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internasjonal | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/deed.no | * |
| dc.title | Evaluation of a Tool to Increase Cybersecurity Awareness Among Non-experts (SME Employees) | en_US |
| dc.type | Peer reviewed | en_US |
| dc.type | Journal article | en_US |
| dc.description.version | publishedVersion | en_US |
| dc.rights.holder | © 2023 by SCITEPRESS – Science and Technology Publications, Lda. Under CC license (CC BY-NC-ND 4.0). | en_US |
| dc.source.pagenumber | 509-518 | en_US |
| dc.source.journal | Proceedings of the International Conference on Information Systems Security and Privacy (ICISSP) | en_US |
| dc.identifier.doi | 10.5220/0011680500003405 | |
| dc.identifier.cristin | 2130968 | |
| dc.relation.project | EC/H2020/883188 | en_US |
| cristin.ispublished | true | |
| cristin.fulltext | original | |
| cristin.qualitycode | 1 |
Tilhørende fil(er)
Denne innførselen finnes i følgende samling(er)
-
Publikasjoner fra CRIStin - SINTEF AS [5668]
-
SINTEF Digital [2415]
Med mindre annet er angitt, så er denne innførselen lisensiert som Attribution-NonCommercial-NoDerivatives 4.0 Internasjonal