A framework for mapping organisational workforce knowledge profile in cyber security DOI Creative Commons
Lata Nautiyal, Awais Rashid

Computers & Security, Journal Year: 2024, Volume and Issue: 145, P. 103925 - 103925

Published: July 14, 2024

A cyber security organisation needs to ensure that its workforce possesses the necessary knowledge fulfil business functions. Similarly, where an chooses delegate their tasks a third-party provider, they must chosen entity robust capabilities effectively carry out assigned tasks. Building comprehensive profile is distinct challenge; field ever evolving with range of professional certifications, academic qualifications and on-the-job training. So far, there has been lack well-defined methodology for systematically evaluating organisation's knowledge, specifically derived from workforce, against standardised reference point. Prior research on profiling across various disciplines predominantly utilised established frameworks such as SWEBOK. However, within domain security, absence point notable. In this paper, we advance framework leveraging Cyber Security Body Knowledge (CyBOK), construct profile. The enables user identify areas coverage gaps may lie, so can consider targeted recruitment or training or, expertise be outsourced, drawing in capability third parties. latter case, also used basis assessing party. We present framework, discussing three case studies organisational teams underpinning initial development, followed by refinement through workshops practitioners.

Language: Английский

Does cybersecurity regulation promote digital transformation? Evidence from the Cyber Security Law in China DOI

Jin Xianglan,

Huijuan Cui,

Fengwei Liu

et al.

Finance research letters, Journal Year: 2025, Volume and Issue: unknown, P. 107041 - 107041

Published: Feb. 1, 2025

Language: Английский

Citations

2
Comparative Analysis of EU-Based Cybersecurity Skills Frameworks DOI Creative Commons
Fernando Almeida

Computers & Security, Journal Year: 2025, Volume and Issue: unknown, P. 104329 - 104329

Published: Jan. 1, 2025

Language: Английский

Citations

0
QoS-Aware cloud security using lightweight EfficientNet with Adaptive Sparse Bayesian Optimization DOI

J Vinothini,

Srie Vidhya Janani E

Peer-to-Peer Networking and Applications, Journal Year: 2025, Volume and Issue: 18(2)

Published: Jan. 20, 2025

Language: Английский

Citations

0
Toward a Continental Financial Ecosystem: The Implications of AfCFTA for Fintech License Passporting DOI

Hammed Adedeji Ajani,

Saidu Patrick Conteh

Published: Jan. 1, 2025

Language: Английский

Citations

0
Concerns About the Rapid Growth of FinTech: Data Privacy, Breach, and Cybersecurity Issues and the Resulting Regulatory Reforms DOI
Xiao Peng, Larry Li

Published: Jan. 1, 2025

Language: Английский

Citations

0
Enhancing Cybersecurity in Sustainable Energy: Regulatory Compliance, Challenges, and Policy Innovations DOI

Shruti Saxena,

Shivani Saxena, Nikunj Tahilramani

et al.

Published: Feb. 21, 2025

Language: Английский

Citations

0
Cybersecurity preparedness of small-to-medium businesses: A Western Australia study with broader implications DOI Creative Commons
Alladean Chidukwani, Sebastian Zander, Polychronis Koutsakis

et al.

Computers & Security, Journal Year: 2024, Volume and Issue: 145, P. 104026 - 104026

Published: July 30, 2024

This study was prompted by the scarcity of focused quantitative research on cybersecurity SMBs. Our aimed to understand factors influencing SMBs' approach cybersecurity, their level threat awareness and importance placed cybersecurity. It also explored extent which NIST CSF practices are implemented SMBs while detecting ranking prevalent challenges faced Additionally, resources that turn for help guidance were evaluated. While survey-based Western Australian SMBs, results more general wider interest. found lack funds be biggest hindrance along with a knowledge where start implementing good security practices. lacked familiarity relevant regulations frameworks. The highlights areas improvement, such as access control mechanisms, individual user accounts, formalised policies procedures, dedicated budgets. heavily rely Google search information, emphasising need optimised from authoritative sources. IT service providers informal networks emerge important sources guidance, local universities could assist but remain underutilised in this regard. Interestingly, organisational size, industry sector, revenue did not significantly impact perception vulnerability cyber threats. However, further investigation is needed evaluate effectiveness different models needs. Overall, provides valuable insights into specific gaps domain, well preferred methods seeking consuming assistance. findings can guide development targeted strategies enhance posture

Language: Английский

Citations

2
A framework for mapping organisational workforce knowledge profile in cyber security DOI Creative Commons
Lata Nautiyal, Awais Rashid

Computers & Security, Journal Year: 2024, Volume and Issue: 145, P. 103925 - 103925

Published: July 14, 2024

A cyber security organisation needs to ensure that its workforce possesses the necessary knowledge fulfil business functions. Similarly, where an chooses delegate their tasks a third-party provider, they must chosen entity robust capabilities effectively carry out assigned tasks. Building comprehensive profile is distinct challenge; field ever evolving with range of professional certifications, academic qualifications and on-the-job training. So far, there has been lack well-defined methodology for systematically evaluating organisation's knowledge, specifically derived from workforce, against standardised reference point. Prior research on profiling across various disciplines predominantly utilised established frameworks such as SWEBOK. However, within domain security, absence point notable. In this paper, we advance framework leveraging Cyber Security Body Knowledge (CyBOK), construct profile. The enables user identify areas coverage gaps may lie, so can consider targeted recruitment or training or, expertise be outsourced, drawing in capability third parties. latter case, also used basis assessing party. We present framework, discussing three case studies organisational teams underpinning initial development, followed by refinement through workshops practitioners.

Language: Английский

Citations

0