Cybersecurity for SMEs: introducing the human element into socio-technical cybersecurity risk assessment
Cybersecurity for SMEs: introducing the human element into socio-technical cybersecurity risk assessment
Small and medium-sized enterprises (SMEs) rarely conduct a thorough cyber-risk assessment and they may face various internal issues when attempting to set up cyber-risk strategies. In this work, we apply a user journey approach to model human behaviour and visually map SMEs’ practices and threats, along with a visualisation of the socio-technical actor network, targeted specifically at the risks highlighted in the user journey. By using a combination of cybersecurity-related visualisations, our goals are: i) to raise awareness about cybersecurity, and ii) to improve communication among IT personnel, security experts, and non-technical personnel. To achieve these goals, we combine two modelling languages: Customer Journey Modelling Language (CJML) is a visual language for modelling and visualisation of work processes in terms of user journeys. System Security Modeller (SSM) is an asset-based risk-analysis tool for socio-technical systems. By demonstrating the languages’ supplementary nature through a threat scenario and considering related theories, we believe that there is a sound basis to warrant further validation of CJML and SSM together to raise awareness and handle cyber threats in SMEs.
266-274
Boletsis, Costas
43c234e1-6251-41c9-87b7-3bc4814840c3
Halvorsrud, Ragnhild
57c50c4b-1458-41a4-b81f-4b56e4d644b7
Pickering, J .Brian
225088d0-729e-4f17-afe2-1ad1193ccae6
Phillips, Stephen
47610c30-a543-4bac-a96a-bc1fce564a59
Surridge, Michael
3bd360fa-1962-4992-bb16-12fc4dd7d9a9
8 February 2021
Boletsis, Costas
43c234e1-6251-41c9-87b7-3bc4814840c3
Halvorsrud, Ragnhild
57c50c4b-1458-41a4-b81f-4b56e4d644b7
Pickering, J .Brian
225088d0-729e-4f17-afe2-1ad1193ccae6
Phillips, Stephen
47610c30-a543-4bac-a96a-bc1fce564a59
Surridge, Michael
3bd360fa-1962-4992-bb16-12fc4dd7d9a9
Boletsis, Costas, Halvorsrud, Ragnhild, Pickering, J .Brian, Phillips, Stephen and Surridge, Michael
(2021)
Cybersecurity for SMEs: introducing the human element into socio-technical cybersecurity risk assessment.
Hurter, Christopher, Purchase, Helen, Braz, Jose and Bouatouch, Kadi
(eds.)
In Proceedings of the 16th International Joint Conference in Computer Vision, Imaging and Computer Graphics Theory and Applications.
vol. 3,
.
(doi:10.5220/0010332902660274).
Record type:
Conference or Workshop Item
(Paper)
Abstract
Small and medium-sized enterprises (SMEs) rarely conduct a thorough cyber-risk assessment and they may face various internal issues when attempting to set up cyber-risk strategies. In this work, we apply a user journey approach to model human behaviour and visually map SMEs’ practices and threats, along with a visualisation of the socio-technical actor network, targeted specifically at the risks highlighted in the user journey. By using a combination of cybersecurity-related visualisations, our goals are: i) to raise awareness about cybersecurity, and ii) to improve communication among IT personnel, security experts, and non-technical personnel. To achieve these goals, we combine two modelling languages: Customer Journey Modelling Language (CJML) is a visual language for modelling and visualisation of work processes in terms of user journeys. System Security Modeller (SSM) is an asset-based risk-analysis tool for socio-technical systems. By demonstrating the languages’ supplementary nature through a threat scenario and considering related theories, we believe that there is a sound basis to warrant further validation of CJML and SSM together to raise awareness and handle cyber threats in SMEs.
Text
Boletsis_etal_2021
- Version of Record
More information
Published date: 8 February 2021
Venue - Dates:
16th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications, Virtual, 2021-02-08 - 2021-02-10
Identifiers
Local EPrints ID: 485488
URI: http://eprints.soton.ac.uk/id/eprint/485488
PURE UUID: b65346b1-1947-45fc-ac1f-49589693a962
Catalogue record
Date deposited: 07 Dec 2023 17:34
Last modified: 26 Aug 2024 01:32
Export record
Altmetrics
Contributors
Author:
Costas Boletsis
Author:
Ragnhild Halvorsrud
Author:
Stephen Phillips
Author:
Michael Surridge
Editor:
Christopher Hurter
Editor:
Helen Purchase
Editor:
Jose Braz
Editor:
Kadi Bouatouch
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics