loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Costas Boletsis 1 ; Sefat Orni 2 and Ragnhild Halvorsrud 1

Affiliations: 1 SINTEF Digital, Oslo, Norway ; 2 Department of Informatics, University of Oslo, Oslo, Norway

Keyword(s): CJML, Cybersecurity, Modelling, User Journey, Visualisation.

Abstract: Improving security posture while addressing human errors made by employees are among the most challenging tasks for SMEs concerning cybersecurity risk management. To facilitate these measures, a domain-specific modelling tool for visualising cybersecurity-related user journeys, called the HORM Diagramming Tool (HORM-DT), is introduced. By visualising SMEs’ cybersecurity practices, HORM-DT aims to raise their cybersecurity awareness by highlighting the related gaps, thereby ultimately informing new or updated cyber-risk strategies. HORM-DT’s target group consists of SMEs’ employees with various areas of technical expertise and different backgrounds. The tool was developed as part of the Human and Organisational Risk Modelling (HORM) framework, and the underlying formalism is based on the Customer Journey Modelling Language (CJML) as extended by elements of the CORAS language to cover cybersecurity-related user journeys. HORM-DT is a fork of the open-source Diagrams.net software, which was modified to facilitate the creation of cybersecurity-related diagrams. To evaluate the tool, a usability study following a within-subject design was conducted with 29 participants. HORM-DT achieved a satisfactory system usability scale score of 80.69, and no statistically significant differences were found between participants with diverse diagramming tool experience. The tool’s usability was also praised by participants, although there were negative comments regarding its functionality of connecting elements with lines. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.188.113.185

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Boletsis, C.; Orni, S. and Halvorsrud, R. (2023). The HORM Diagramming Tool: A Domain-Specific Modelling Tool for SME Cybersecurity Awareness. In Proceedings of the 18th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications (VISIGRAPP 2023) - IVAPP; ISBN 978-989-758-634-7; ISSN 2184-4321, SciTePress, pages 203-213. DOI: 10.5220/0011786600003417

@conference{ivapp23,
author={Costas Boletsis. and Sefat Orni. and Ragnhild Halvorsrud.},
title={The HORM Diagramming Tool: A Domain-Specific Modelling Tool for SME Cybersecurity Awareness},
booktitle={Proceedings of the 18th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications (VISIGRAPP 2023) - IVAPP},
year={2023},
pages={203-213},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011786600003417},
isbn={978-989-758-634-7},
issn={2184-4321},
}

TY - CONF

JO - Proceedings of the 18th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications (VISIGRAPP 2023) - IVAPP
TI - The HORM Diagramming Tool: A Domain-Specific Modelling Tool for SME Cybersecurity Awareness
SN - 978-989-758-634-7
IS - 2184-4321
AU - Boletsis, C.
AU - Orni, S.
AU - Halvorsrud, R.
PY - 2023
SP - 203
EP - 213
DO - 10.5220/0011786600003417
PB - SciTePress