Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Automating the Communication of Cybersecurity Knowledge: Multi-case Study
FHNW, IIT and IMVS, CHE, Utrecht University, NLD.
Blekinge Institute of Technology, Faculty of Computing, Department of Software Engineering. SERL-Sweden, SWE, FHNW, IIT and IMVS, CHE.ORCID iD: 0000-0001-7368-4448
FHNW, IIT and IMVS, CHE.
2020 (English)In: IFIP Advances in Information and Communication Technology / [ed] Drevin L.,Von Solms S.,Theocharidou M., Springer Science and Business Media Deutschland GmbH , 2020, Vol. 579, p. 110-124Conference paper, Published paper (Refereed)
Abstract [en]

Cybersecurity is essential for the protection of companies against cyber threats. Traditionally, cybersecurity experts assess and improve a company’s capabilities. However, many small and medium-sized businesses (SMBs) consider such services not to be affordable. We explore an alternative do-it-yourself (DIY) approach to bringing cybersecurity to SMBs. Our method and tool, CYSEC, implements the Self-Determination Theory (SDT) to guide and motivate SMBs to adopt good cybersecurity practices. CYSEC uses assessment questions and recommendations to communicate cybersecurity knowledge to the end-user SMBs and encourage self-motivated change. In this paper, the operationalisation of SDT in CYSEC is presented and the results of a multi-case study shown that offer insight into how SMBs adopted cybersecurity practices with CYSEC. Effective automated cybersecurity communication depended on the SMB’s hands-on skills, tools adaptedness, and the users’ willingness to documenting confidential information. The SMBs wanted to learn in simple, incremental steps, allowing them to understand what they do. An SMB’s motivation to improve security depended on the fitness of assessment questions and recommendations with the SMB’s business model and IT infrastructure. The results of this study indicate that automated counselling can help many SMBs in security adoption. © 2020, IFIP International Federation for Information Processing.

Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH , 2020. Vol. 579, p. 110-124
Series
IFIP Advances in Information and Communication Technology, ISSN 1868-4238
Keywords [en]
Capability assessment and improvement, Cybersecurity, Do-it-yourself, Multi-case study, Small and medium-sized businesses, Information technology, Business modeling, Confidential information, Cyber security, Cyber threats, Do it yourself, IT infrastructures, Self-determination theories, Small and medium sized business, Security of data
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:bth-20561DOI: 10.1007/978-3-030-59291-2_8Scopus ID: 2-s2.0-85092115002ISBN: 9783030592905 (print)OAI: oai:DiVA.org:bth-20561DiVA, id: diva2:1477548
Conference
13th IFIP WG 11.8 World Conference on Information Security Education, WISE 2020, Maribor, Slovenia, 21 September 2020 through 23 September 2020;
Funder
EU, Horizon 2020, 740787
Note

open access

Available from: 2020-10-19 Created: 2020-10-19 Last updated: 2022-05-04Bibliographically approved

Open Access in DiVA

fulltext(1270 kB)406 downloads
File information
File name FULLTEXT01.pdfFile size 1270 kBChecksum SHA-512
c6469d30460bdb3962f565d7c38abaf9200b2bad965edb224d68cc2b049f941506a47a616cee6b037a6abfab9c9d8f13684b418a79b7d770d04877d7d1dd3344
Type fulltextMimetype application/pdf

Other links

Publisher's full textScopus

Authority records

Fricker, Samuel

Search in DiVA

By author/editor
Fricker, Samuel
By organisation
Department of Software Engineering
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 406 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 302 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf