We are happy to announce that the work of NTUA has been accepted at the IADIS Information Systems Conference (IS 2020). The paper, titled “TOWARDS A CYBERSECURITY CULTURE TOOL THROUGH A HOLISTIC, MULTI-DIMENSIONAL ASSESSMENT FRAMEWORK”, is about the framework and the tool the NTUA is developing for the Task 2.2 of the project. The conference will be held in a virtual format due to the corona-virus outbreak, from 2 to 4 of April.
The abstract is as follows:
Cyber-security culture forms one of the best lines of defence against many cyber-attacks making it an ideal and efficient target to address, in order to better secure organisations. It has its foundations on the information security policies and procedures enforced by its management. It is also dictated and formed by the behaviour, perceptions and attitudes of its employees. These will form the basis of our model which aims to quantify these theoretical constructs in order to analyse them and provide feedback. The close examination of existing security assessment tools and frameworks while identifying the most important security components and sections which need to be addressed and evaluated, resulted in our proposition of a state-of-the-art cyber-security culture tool. The presented approach aims to address existing gaps by adopting a holistic perspective that incorporates both organisational and individual aspects of security culture, including behavioural traits that affect and risk the security level of the company. Our approach and tool will be applied to the EPES sector, where the timely assessment of the security culture is considered essential and of high impact.