Expert assessment of the top platform independent cybersecurity skills for non-IT professionals

Cybersecurity threats are causing substantial financial losses for individuals, organizations, and governments. Information technology (IT) users' mistakes, due to poor cybersecurity skills, represent about 72% to 95% of cybersecurity threats to organizations. As opposed to IT professionals, co...

Full description

Saved in:
Bibliographic Details
Published inSoutheastCon 2015 pp. 1 - 6
Main Authors Carlton, Melissa, Levy, Yair
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.04.2015
Subjects
Computer security
cybersecurity
cybersecurity skills
Electronic mail
Government
information security skills of non-IT professional
InfraGard-United States Federal Bureau of Investigation expert panel
risk mitigation tool
Tablet computers
Online AccessGet full text
ISSN1091-0050
DOI10.1109/SECON.2015.7132932

Cover

More Information
Summary:Cybersecurity threats are causing substantial financial losses for individuals, organizations, and governments. Information technology (IT) users' mistakes, due to poor cybersecurity skills, represent about 72% to 95% of cybersecurity threats to organizations. As opposed to IT professionals, computer end-users are one of the weakest links in the cybersecurity chain, due to their limited cybersecurity skills. Skills are defined as the combination of knowledge, experience, and ability to do something well. Cybersecurity skills are the skills one possess to prevent damage to IT via the Internet. However, the current measures of end-user cybersecurity skills are based on self-reported surveys. This study is the first phase of a larger research project that is aimed to develop a scenario-based iPad application to measure cybersecurity skills based on actual scenarios with hands-on tasks that the participants complete in demonstrating their skills. To design a measure that has both high validity and reliability, the first phase of the study was set forth to follow the Delphi method in seeking subject matter experts' opinion on the top platform independent cybersecurity skills for non-IT professionals. A total of 18 experts from the Florida chapter of the InfraGard, a public-private partnership between the United States Federal Bureau of Investigation (FBI)'s cyber division and private sector that focus on cybersecurity, along with subject matter experts from other federal agencies such as the United States Secret Services' (USSS) Electronic Crimes Task Force team and industry, took part in our Delphi expert panel process. The exploratory expert panel data was recorded and categorized into similar groups of comments for improvements, along with quantitative rankings. Comments were then solicited again for expert consensus, to derive the rankings of the top nine platform independent cybersecurity skills. The paper ends with some discussion on the next phase of this ongoing research along with some initial implications of the findings to practice and research.
ISSN:1091-0050
DOI:10.1109/SECON.2015.7132932