Introducing and Interfacing with Cybersecurity – A Cards Approach

by   Ryan Shah, et al.

Cybersecurity is an important topic which is often viewed as one that is inaccessible due to steep learning curves and a perceived requirement of needing specialist knowledge. With a constantly changing threat landscape, practical solutions such as best-practices are employed, but the number of critical cybersecurity-related incidents remains high. To address these concerns, the National Cyber Security Centre published a Cybersecurity Body of Knowledge (CyBOK) to provide a comprehensive information base used to advise and underpin cybersecurity learning. Unfortunately, CyBOK contains over 1000 pages of in-depth material and may not be easy to navigate for novice individuals. Furthermore, it does not allow for easy expression of various cybersecurity scenarios that such individuals may be exposed to. As a solution to these two issues, we propose the use of a playing cards format to provide introductory cybersecurity knowledge that supports learning and discussion, using CyBOK as the foundation for the technical content. Upon evaluation in two user studies, we found that 80 them with introductory knowledge of cybersecurity topics, and 70 cards provided an interface for discussing topics and enabled them to make links between attacks, vulnerabilities and defences.


System Attack Modeling Techniques Critical Information Infrastructure

Every day around the world, various organizations are exposed to more th...

Pitfalls in Effective Knowledge Management: Insights from an International Information Technology Organization

Knowledge is considered an essential resource for organizations. For org...

Privacy vs National Security

There are growing concerns and anxiety about privacy among the general p...

Analysis of Trending Topics and Text-based Channels of Information Delivery in Cybersecurity

Computer users are generally faced with difficulties in making correct s...

Authorship ethics: an overview of research on the state of practice

Authorship ethics is a central topic of discussion in research ethics fo...

Topic-to-Essay Generation with Comprehensive Knowledge Enhancement

Generating high-quality and diverse essays with a set of topics is a cha...

Linking Common Vulnerabilities and Exposures to the MITRE ATT CK Framework: A Self-Distillation Approach

Due to the ever-increasing threat of cyber-attacks to critical cyber inf...

Please sign up or login with your details

Forgot password? Click here to reset