loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Kaiying Luan 1 ; Ragnhild Halvorsrud 2 and Costas Boletsis 2

Affiliations: 1 Department of Informatics, University of Oslo, Oslo, Norway ; 2 SINTEF Digital, Oslo, Norway

Keyword(s): Cybersecurity Awareness, Customer Journey Modelling Language, Tool Development, Empirical Study.

Abstract: Humans are the weak link in cybersecurity, hence, this paper considers the human factor in cybersecurity and how the customer journey approach can be used to increase cybersecurity awareness. The Customer Journey Modelling Language (CJML) is used to document and visualise a service process. We expand the CJML formalism to encompass cybersecurity and develop an easy-to-use web application as a supporting tool for training and awareness. We present the results from the usability test with ten persons in the target group and report on usability and feasibility. All participants managed to finish the test, and most participants indicated that the tool was easy to use. By using the tool, non-expert users can make user journey diagrams showing basic conformance in a short time without professional training. For the threat diagram, half of the users achieved full conformance. In conclusion, the tool can serve as low-threshold cybersecurity awareness training for SME employees. We discuss th e limitations and validity of the results and future work to improve the tool’s usability. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.129.211.116

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Luan, K.; Halvorsrud, R. and Boletsis, C. (2023). Evaluation of a Tool to Increase Cybersecurity Awareness Among Non-experts (SME Employees). In Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-624-8; ISSN 2184-4356, SciTePress, pages 509-518. DOI: 10.5220/0011680500003405

@conference{icissp23,
author={Kaiying Luan. and Ragnhild Halvorsrud. and Costas Boletsis.},
title={Evaluation of a Tool to Increase Cybersecurity Awareness Among Non-experts (SME Employees)},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP},
year={2023},
pages={509-518},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011680500003405},
isbn={978-989-758-624-8},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP
TI - Evaluation of a Tool to Increase Cybersecurity Awareness Among Non-experts (SME Employees)
SN - 978-989-758-624-8
IS - 2184-4356
AU - Luan, K.
AU - Halvorsrud, R.
AU - Boletsis, C.
PY - 2023
SP - 509
EP - 518
DO - 10.5220/0011680500003405
PB - SciTePress