Assessment of performance during cybersecurity tabletop exercises

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14230%2F24%3A00135149" target="_blank" >RIV/00216224:14230/24:00135149 - isvavai.cz</a>

Výsledek na webu

<a href="https://link.springer.com/article/10.1057/s41284-023-00391-4" target="_blank" >https://link.springer.com/article/10.1057/s41284-023-00391-4</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1057/s41284-023-00391-4" target="_blank" >10.1057/s41284-023-00391-4</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Assessment of performance during cybersecurity tabletop exercises

Popis výsledku v původním jazyce

This research aims to test several tools for assessing workload and performance during a tabletop cybersecurity exercise. We have administered two such exercises in order to collect and analyse data regarding the participants’ behavioural characteristics, their knowledge of cybersecurity, and four sets of questions assessing how they performed their tasks and how they handled the workload. Furthermore, we have also looked for statistical associations with independent expert evaluation of their performance, their mutual assessments of their team colleagues, their professional background and the potential influence of repeated assessment delayed by 2 weeks. We have found that performance was most strongly correlated with a lack of perceived stress caused by the workload, knowledge of cybersecurity, good communication and, unexpectedly, a low openness score. The repeated delayed assessment yielded only data consistent with a regression towards the mean. A comparison between technical and non-technical professionals showed little difference in their self-assessment but showed differences in how they were perceived and assessed by their teammates. Given the importance of this topic, we suggest this area needs further research.

Název v anglickém jazyce

Assessment of performance during cybersecurity tabletop exercises

Popis výsledku anglicky

This research aims to test several tools for assessing workload and performance during a tabletop cybersecurity exercise. We have administered two such exercises in order to collect and analyse data regarding the participants’ behavioural characteristics, their knowledge of cybersecurity, and four sets of questions assessing how they performed their tasks and how they handled the workload. Furthermore, we have also looked for statistical associations with independent expert evaluation of their performance, their mutual assessments of their team colleagues, their professional background and the potential influence of repeated assessment delayed by 2 weeks. We have found that performance was most strongly correlated with a lack of perceived stress caused by the workload, knowledge of cybersecurity, good communication and, unexpectedly, a low openness score. The repeated delayed assessment yielded only data consistent with a regression towards the mean. A comparison between technical and non-technical professionals showed little difference in their self-assessment but showed differences in how they were perceived and assessed by their teammates. Given the importance of this topic, we suggest this area needs further research.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

50601 - Political science

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Security Journal

ISSN

0955-1662

e-ISSN

1743-4645

Svazek periodika

37

Číslo periodika v rámci svazku

3

Stát vydavatele periodika

GB - Spojené království Velké Británie a Severního Irska

Počet stran výsledku

24

Strana od-do

712-735

Kód UT WoS článku

001031335400001

EID výsledku v databázi Scopus

2-s2.0-85165049450