Cyber Security Awareness Requirements for Operational Technology Systems

The Internet is becoming increasingly interwoven in the daily lives of many individuals, organisations and nations. It has, to a large extent, had a positive effect on the way people communicate. It has also introduced new avenues for business; and it has offered nations an opportunity to govern online. Nevertheless, although cyberspace offers an endless list of services and opportunities, it is also accompanied by many risks, of which many Internet users are not aware. As such, various countries have developed and implemented cyber-security awareness and education measures to counter the perceived ignorance of the Internet users. However, there is currently a definite lack in South Africa (SA) in this regard; as there are currently, little government-led and sponsored cyber-security awareness and education initiatives. The primary research objective of this paper, therefore, is to propose a cyber-security awareness and education framework for SA that would assist in creating a cyber-secure culture in SA among all of the users of the Internet. This framework will be developed on the basis of key factors extrapolated from a comparative analysis of relevant developed countries.

Download Full-text

Security Awareness in the Internet of Everything

Harnessing the Internet of Everything (IoE) for Accelerated Innovation Opportunities - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-5225-7332-6.ch012 ◽

2019 ◽

pp. 272-301 ◽

Cited By ~ 1

Author(s):

Viacheslav Izosimov ◽

Martin Törngren

Keyword(s):

Cyber Security ◽

Physical System ◽

System Of Systems ◽

The Internet ◽

Security Awareness ◽

Security Risks ◽

Interconnected System ◽

Security Education ◽

Practical Evaluation ◽

Explicit Consideration

Our societal infrastructure is transforming into a connected cyber-physical system of systems, providing numerous opportunities and new capabilities, yet also posing new and reinforced risks that require explicit consideration. This chapter addresses risks specifically related to cyber-security. One contributing factor, often neglected, is the level of security education of the users. Another factor, often overlooked, concerns security-awareness of the engineers developing cyber-physical systems. Authors present results of interviews with developers and surveys showing that increase in security-awareness and understanding of security risks, evaluated as low, are the first steps to mitigate the risks. Authors also conducted practical evaluation investigating system connectivity and vulnerabilities in complex multi-step attack scenarios. This chapter advocates that security awareness of users and developers is the foundation to deployment of interconnected system of systems, and provides recommendations for steps forward highlighting the roles of people, organizations and authorities.

Download Full-text

Cyber Security Competency Model Based on Learning Theories and Learning Continuum Hierarchy

10.4018/978-1-6684-3554-0.ch007 ◽

2022 ◽

pp. 139-156

Author(s):

Winfred Yaokumah

Keyword(s):

Cyber Security ◽

Domain Knowledge ◽

Training Programs ◽

Cyber Attacks ◽

Competency Model ◽

Learning Theories ◽

Security Awareness ◽

Non Governmental Organizations ◽

Security Competency ◽

And Training

There is an urgent need for transformative changes in cyber security awareness and training programs to produce individuals and the workforce that can deal with business risks emanating from the prevailing and emerging cyber-attacks. This chapter proposes a cyber security competency model that integrates learning theories (cognitive, affective, and psychomotor), learning continuum hierarchy (awareness and training), and cyber security domain knowledge. Employing literature search of scholarly and practitioner works, together with cyber security standards from governmental and non-governmental organizations, the chapter integrates cyber security domain knowledge, learning theories, and learning continuum hierarchy to design a model of cyber security competencies suitable for use in educating individuals and the general workforce. This theoretical-based approach to designing cyber security awareness and training programs will produce skillful individuals and workforce that can mitigate cyber-attacks in the global business environment.

Download Full-text

P-236 Increasing cyber security awareness in the hospice environment

10.1136/bmjspcare-2018-hospiceabs.261 ◽

2018 ◽

Author(s):

Tim Clifton

Keyword(s):

Cyber Security ◽

Security Awareness

Download Full-text

The role of B2B marketers in increasing cyber security awareness and influencing behavioural change

Industrial Marketing Management ◽

10.1016/j.indmarman.2019.04.003 ◽

2019 ◽

Vol 83 ◽

pp. 224-238 ◽

Cited By ~ 3

Author(s):

Peter R.J. Trim ◽

Yang-Im Lee

Keyword(s):

Cyber Security ◽

Behavioural Change ◽

Security Awareness

Download Full-text

An Ontology Based Model for Cyber Security Awareness Education

10.29007/3xgx ◽

2019 ◽

Author(s):

Nthabiseng Modiba ◽

Sunday Ojo ◽

Zenzo Ncube

Keyword(s):

Cyber Security ◽

Personal Information ◽

Academic Community ◽

Internet Security ◽

The Body ◽

Security Awareness ◽

Literature Study ◽

Protection Measures ◽

Body Of Knowledge ◽

Ontology Model

The internet has become a crucial part of our everyday lives so it is important to ensure that one is secure when surfing on it since personal information can be exchanged. Cyber security awareness is the key to internet security. The research discussed in this paper aims to develop an ontology model for cyber security awareness for educational purposes, to enable users to take responsibility for their own safety online. It aims to fill a gap in understanding of the cyber security awareness (CSA) education and to bridge the consensus gap between the Body of Knowledge (BoK) contributors. The research study was conducted using CURONTO (which is a curriculum ontology) model, to develop our CSA education ontology model that we propose. There are many attempts being made to allow for CSA education, but there remains a challenge of lack of consensus or common understanding of the CSA body of knowledge. There is need for a common model and format aimed at bringing together and putting in place, measures to address cybersecurity attacks. This will assist organizations and countries to close the gap and difference in the available CSA information globally, and to especially assist countries and organizations that are still developing cybersecurity protection measures, to have the information that they need readily available (Takahashi, Kadobayashi, 2011). We used an ontology because it will also be available to the academic community also to refine, extend or apply to other domains and also an ontology is both sharable and interoperable. In this paper we used the CURONTO model to develop our CSA ontology model for educational purposes, we expanded the one class of the model called syllabus and we added more classes so that it can serve for the CSA education. Then we did a literature study to develop a CSA syllabus from, the acquired syllabus was then represented in the model.

Download Full-text