SlideShare ist ein Scribd-Unternehmen logo

Human factors in cybersecurity: Needs assessment

Als PPTX, PDF herunterladen
Rick van der Kleij
Rick van der Kleij

Overview of challenges and needs of cyber security professionals/ employees working in cyber security professions

Wirtschaft & Finanzen
1 von 12
SRP CYBER FOR FINANCIALS Human factors in cyber security | Rick van der Kleij, Dimitri Hehanussa & Reinder Wolthuis
CYBER SECURITY PROFESSIONALS Innovating for Cyber Security Professionals Business state
FOCUS ON PROFESSIONALS: ISSUES? Large component of knowledge work: creative problem solving Highly automated environment: human automation teaming Information overloaded environment/ big data problem (high number of potential false positives) ….. Question: How to improve the performance & functioning of the human elements in this challenging working enviroment? SRP Cyber for Financials
NEEDS MODEL: INTERVIEWS IN 2017 Organization needs Team Performance needs Individual needs Instrumental needs 21 September 20175 | Computer Security Incident Response Teams Needs that pertain to Incident handling behavior or tangible outcomes, such as time to identification, or ability to remove threat Needs that pertain to the state of the team or level of team performance required for satisfactory functioning, such as team structure Needs that pertain to the individual’s abilities or attitudes, such as job satisfaction or team orientation Interventions or tools that are required to obtain a satisfactory level of functioning Van der Kleij, R. Kleinhuis, G., & Young, H. (2017). Computer Security Incident Response Team Effectiveness: A Needs Assessment. Frontiers in Psychology. doi: 10.3389/fpsyg.2017.02179
ORGANISATION Innovating for Cyber Security Professionals • Problem solving capacity; • Measuring Effectiveness; • Coordination & information exchange; • Organizational learning
TEAM Innovating for Cyber Security Professionals • Sharing information within team (e.g., between shifts & handovers); • Work in multiteams • Team awareness;
INDIVIDUALS Innovating for Cyber Security Professionals • Acquire en keep personnel; • Competence management; • Decision making around incident (e.g., triage); • Balancing workload
INSTRUMENTS Innovating for Cyber Security Professionals • Interpersonal communication tools; • Incident-reports; • Visual overviews for shared situation awareness;
10 | Computer Security Incident Response Teams Human state monitoring OTHER RELEVANT TOPICS?
BOTTLENECKS RELATED TO HF RESEARCH? It’s about humans, so professionals, employees or customers need to be involved in the research Capacity and involvement is required Observations and interviews sometimes needed in practice, e.g., to gain detailed understanding of how analysts perform, how sensemaking takes place in practice, and what the issues are that relate to SOC- automation. Interventions eventually need to be tested in practice (human-in-the- loop) SRP Cyber for Financials
THANK YOU FOR YOUR ATTENTION Take a look: TIME.TNO.NL

Empfohlen

Why Corporate Security Professionals Should Care About Information Security
Why Corporate Security Professionals Should Care About Information Security Why Corporate Security Professionals Should Care About Information Security
Why Corporate Security Professionals Should Care About Information Security Resolver Inc.
 
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins44CON
 
Deral Heiland - Fail Now So I Don't Fail Later
Deral Heiland - Fail Now So I Don't Fail LaterDeral Heiland - Fail Now So I Don't Fail Later
Deral Heiland - Fail Now So I Don't Fail Latercentralohioissa
 
20th March Session Five by Ramesh Shanmughanathan
20th March Session Five by Ramesh Shanmughanathan20th March Session Five by Ramesh Shanmughanathan
20th March Session Five by Ramesh ShanmughanathanSharath Kumar
 
Information Security Strategic Management
Information Security Strategic ManagementInformation Security Strategic Management
Information Security Strategic ManagementMarcelo Martins
 
Data Protection Top Ten Concerns
Data Protection Top Ten ConcernsData Protection Top Ten Concerns
Data Protection Top Ten Concernshealthcareisi
 
Wicks_Recommendation
Wicks_RecommendationWicks_Recommendation
Wicks_RecommendationKathleen Wicks
 
Digital Security
Digital SecurityDigital Security
Digital SecurityKoshy Tk
 

Empfohlen

Why Corporate Security Professionals Should Care About Information Security
Why Corporate Security Professionals Should Care About Information Security Why Corporate Security Professionals Should Care About Information Security
Why Corporate Security Professionals Should Care About Information Security Resolver Inc.
 
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins44CON
 
Deral Heiland - Fail Now So I Don't Fail Later
Deral Heiland - Fail Now So I Don't Fail LaterDeral Heiland - Fail Now So I Don't Fail Later
Deral Heiland - Fail Now So I Don't Fail Latercentralohioissa
 
20th March Session Five by Ramesh Shanmughanathan
20th March Session Five by Ramesh Shanmughanathan20th March Session Five by Ramesh Shanmughanathan
20th March Session Five by Ramesh ShanmughanathanSharath Kumar
 
Information Security Strategic Management
Information Security Strategic ManagementInformation Security Strategic Management
Information Security Strategic ManagementMarcelo Martins
 
Data Protection Top Ten Concerns
Data Protection Top Ten ConcernsData Protection Top Ten Concerns
Data Protection Top Ten Concernshealthcareisi
 
Wicks_Recommendation
Wicks_RecommendationWicks_Recommendation
Wicks_RecommendationKathleen Wicks
 
Digital Security
Digital SecurityDigital Security
Digital SecurityKoshy Tk
 
Data-driven crime prevention using AI
Data-driven crime prevention using AIData-driven crime prevention using AI
Data-driven crime prevention using AIDoreen Loeber
 
Service now vulnerability patching_move
Service now vulnerability patching_moveService now vulnerability patching_move
Service now vulnerability patching_moveSubrat Kumar Dash
 
Solution Spotlight IT Consulting Services
Solution Spotlight IT Consulting ServicesSolution Spotlight IT Consulting Services
Solution Spotlight IT Consulting ServicesThe TNS Group
 
MT29 Panel: Becoming a data-driven enterprise
MT29 Panel: Becoming a data-driven enterpriseMT29 Panel: Becoming a data-driven enterprise
MT29 Panel: Becoming a data-driven enterpriseDell EMC World
 
Big data security in the cloud: Buzzword Bingo!
Big data security in the cloud: Buzzword Bingo!Big data security in the cloud: Buzzword Bingo!
Big data security in the cloud: Buzzword Bingo!Spiceworks Ziff Davis
 
Uncovering the key to a successful psim installation
Uncovering the key to a successful psim installationUncovering the key to a successful psim installation
Uncovering the key to a successful psim installationSandhya Rao
 
Technology Risk Management
Technology Risk ManagementTechnology Risk Management
Technology Risk ManagementSocial Tables
 
2011 SC Magazine Insider Threat Keynote
2011 SC Magazine Insider Threat Keynote2011 SC Magazine Insider Threat Keynote
2011 SC Magazine Insider Threat KeynoteJohn D. Johnson
 
10 Questions Every Company Should Be Asking Itself About its Business Resilience
10 Questions Every Company Should Be Asking Itself About its Business Resilience10 Questions Every Company Should Be Asking Itself About its Business Resilience
10 Questions Every Company Should Be Asking Itself About its Business ResilienceMichael Bowers
 
Yankee Herd Intelligence Will Reshape Anti Malware
Yankee Herd Intelligence Will Reshape Anti MalwareYankee Herd Intelligence Will Reshape Anti Malware
Yankee Herd Intelligence Will Reshape Anti Malwaretswong
 
Vulnerability Voodoo and the Convergence of Foundational Security Controls
Vulnerability Voodoo and the Convergence of Foundational Security ControlsVulnerability Voodoo and the Convergence of Foundational Security Controls
Vulnerability Voodoo and the Convergence of Foundational Security ControlsTripwire
 
How to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security AnalyticsHow to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security AnalyticsInterset
 
12 Factors Causing Your E-Signature Project To Fail
12 Factors Causing Your E-Signature Project To Fail12 Factors Causing Your E-Signature Project To Fail
12 Factors Causing Your E-Signature Project To FailFormaliti
 
The Myths + Realities of Machine-Learning Cybersecurity
The Myths + Realities of Machine-Learning CybersecurityThe Myths + Realities of Machine-Learning Cybersecurity
The Myths + Realities of Machine-Learning CybersecurityInterset
 
How Technology Can Enhance Your NonProfit Part 1
How Technology Can Enhance Your NonProfit Part 1How Technology Can Enhance Your NonProfit Part 1
How Technology Can Enhance Your NonProfit Part 1The TNS Group
 
Role Description
Role DescriptionRole Description
Role DescriptionByron Matthews
 
Simplify your analytics strategy
Simplify your analytics strategySimplify your analytics strategy
Simplify your analytics strategyVarun Tandon
 
isicg - 3 r's v4
isicg - 3 r's v4isicg - 3 r's v4
isicg - 3 r's v4Elliott Franklin
 
What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2IANS
 
An Intro to Core
An Intro to CoreAn Intro to Core
An Intro to CoreResolver Inc.
 
Battle Tested Application Security
Battle Tested Application SecurityBattle Tested Application Security
Battle Tested Application SecurityTy Sbano
 
Towards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teamsTowards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teamsRick van der Kleij
 

Weitere ähnliche Inhalte

Was ist angesagt?

Data-driven crime prevention using AI
Data-driven crime prevention using AIData-driven crime prevention using AI
Data-driven crime prevention using AIDoreen Loeber
 
Service now vulnerability patching_move
Service now vulnerability patching_moveService now vulnerability patching_move
Service now vulnerability patching_moveSubrat Kumar Dash
 
Solution Spotlight IT Consulting Services
Solution Spotlight IT Consulting ServicesSolution Spotlight IT Consulting Services
Solution Spotlight IT Consulting ServicesThe TNS Group
 
MT29 Panel: Becoming a data-driven enterprise
MT29 Panel: Becoming a data-driven enterpriseMT29 Panel: Becoming a data-driven enterprise
MT29 Panel: Becoming a data-driven enterpriseDell EMC World
 
Big data security in the cloud: Buzzword Bingo!
Big data security in the cloud: Buzzword Bingo!Big data security in the cloud: Buzzword Bingo!
Big data security in the cloud: Buzzword Bingo!Spiceworks Ziff Davis
 
Uncovering the key to a successful psim installation
Uncovering the key to a successful psim installationUncovering the key to a successful psim installation
Uncovering the key to a successful psim installationSandhya Rao
 
Technology Risk Management
Technology Risk ManagementTechnology Risk Management
Technology Risk ManagementSocial Tables
 
2011 SC Magazine Insider Threat Keynote
2011 SC Magazine Insider Threat Keynote2011 SC Magazine Insider Threat Keynote
2011 SC Magazine Insider Threat KeynoteJohn D. Johnson
 
10 Questions Every Company Should Be Asking Itself About its Business Resilience
10 Questions Every Company Should Be Asking Itself About its Business Resilience10 Questions Every Company Should Be Asking Itself About its Business Resilience
10 Questions Every Company Should Be Asking Itself About its Business ResilienceMichael Bowers
 
Yankee Herd Intelligence Will Reshape Anti Malware
Yankee Herd Intelligence Will Reshape Anti MalwareYankee Herd Intelligence Will Reshape Anti Malware
Yankee Herd Intelligence Will Reshape Anti Malwaretswong
 
Vulnerability Voodoo and the Convergence of Foundational Security Controls
Vulnerability Voodoo and the Convergence of Foundational Security ControlsVulnerability Voodoo and the Convergence of Foundational Security Controls
Vulnerability Voodoo and the Convergence of Foundational Security ControlsTripwire
 
How to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security AnalyticsHow to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security AnalyticsInterset
 
12 Factors Causing Your E-Signature Project To Fail
12 Factors Causing Your E-Signature Project To Fail12 Factors Causing Your E-Signature Project To Fail
12 Factors Causing Your E-Signature Project To FailFormaliti
 
The Myths + Realities of Machine-Learning Cybersecurity
The Myths + Realities of Machine-Learning CybersecurityThe Myths + Realities of Machine-Learning Cybersecurity
The Myths + Realities of Machine-Learning CybersecurityInterset
 
How Technology Can Enhance Your NonProfit Part 1
How Technology Can Enhance Your NonProfit Part 1How Technology Can Enhance Your NonProfit Part 1
How Technology Can Enhance Your NonProfit Part 1The TNS Group
 
Simplify your analytics strategy
Simplify your analytics strategySimplify your analytics strategy
Simplify your analytics strategyVarun Tandon
 
What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2IANS
 

Was ist angesagt? (20)

Data-driven crime prevention using AI
Data-driven crime prevention using AIData-driven crime prevention using AI
Data-driven crime prevention using AI
 
Service now vulnerability patching_move
Service now vulnerability patching_moveService now vulnerability patching_move
Service now vulnerability patching_move
 
Solution Spotlight IT Consulting Services
Solution Spotlight IT Consulting ServicesSolution Spotlight IT Consulting Services
Solution Spotlight IT Consulting Services
 
MT29 Panel: Becoming a data-driven enterprise
MT29 Panel: Becoming a data-driven enterpriseMT29 Panel: Becoming a data-driven enterprise
MT29 Panel: Becoming a data-driven enterprise
 
Big data security in the cloud: Buzzword Bingo!
Big data security in the cloud: Buzzword Bingo!Big data security in the cloud: Buzzword Bingo!
Big data security in the cloud: Buzzword Bingo!
 
Uncovering the key to a successful psim installation
Uncovering the key to a successful psim installationUncovering the key to a successful psim installation
Uncovering the key to a successful psim installation
 
Technology Risk Management
Technology Risk ManagementTechnology Risk Management
Technology Risk Management
 
2011 SC Magazine Insider Threat Keynote
2011 SC Magazine Insider Threat Keynote2011 SC Magazine Insider Threat Keynote
2011 SC Magazine Insider Threat Keynote
 
10 Questions Every Company Should Be Asking Itself About its Business Resilience
10 Questions Every Company Should Be Asking Itself About its Business Resilience10 Questions Every Company Should Be Asking Itself About its Business Resilience
10 Questions Every Company Should Be Asking Itself About its Business Resilience
 
Yankee Herd Intelligence Will Reshape Anti Malware
Yankee Herd Intelligence Will Reshape Anti MalwareYankee Herd Intelligence Will Reshape Anti Malware
Yankee Herd Intelligence Will Reshape Anti Malware
 
Vulnerability Voodoo and the Convergence of Foundational Security Controls
Vulnerability Voodoo and the Convergence of Foundational Security ControlsVulnerability Voodoo and the Convergence of Foundational Security Controls
Vulnerability Voodoo and the Convergence of Foundational Security Controls
 
How to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security AnalyticsHow to Operationalize Big Data Security Analytics
How to Operationalize Big Data Security Analytics
 
12 Factors Causing Your E-Signature Project To Fail
12 Factors Causing Your E-Signature Project To Fail12 Factors Causing Your E-Signature Project To Fail
12 Factors Causing Your E-Signature Project To Fail
 
The Myths + Realities of Machine-Learning Cybersecurity
The Myths + Realities of Machine-Learning CybersecurityThe Myths + Realities of Machine-Learning Cybersecurity
The Myths + Realities of Machine-Learning Cybersecurity
 
How Technology Can Enhance Your NonProfit Part 1
How Technology Can Enhance Your NonProfit Part 1How Technology Can Enhance Your NonProfit Part 1
How Technology Can Enhance Your NonProfit Part 1
 
Role Description
Role DescriptionRole Description
Role Description
 
Simplify your analytics strategy
Simplify your analytics strategySimplify your analytics strategy
Simplify your analytics strategy
 
isicg - 3 r's v4
isicg - 3 r's v4isicg - 3 r's v4
isicg - 3 r's v4
 
What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2
 
An Intro to Core
An Intro to CoreAn Intro to Core
An Intro to Core
 

Ähnlich wie Human factors in cybersecurity: Needs assessment

Battle Tested Application Security
Battle Tested Application SecurityBattle Tested Application Security
Battle Tested Application SecurityTy Sbano
 
Towards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teamsTowards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teamsRick van der Kleij
 
Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Laura Benitez
 
Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...Michael Kaishar, MSIA | CISSP
 
PostThe group of individuals with some expert abilities formed .docx
PostThe group of individuals with some expert abilities formed .docxPostThe group of individuals with some expert abilities formed .docx
PostThe group of individuals with some expert abilities formed .docxstilliegeorgiana
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsIBM Security
 
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOpsInfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOpsVMware Tanzu
 
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS
 
Dika model
Dika modelDika model
Dika modelnjbrann
 
CounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementCounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementMighty Guides, Inc.
 
Mis for class lecture 1 final
Mis for class lecture 1 finalMis for class lecture 1 final
Mis for class lecture 1 finalAwais Idrees
 
How to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceHow to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceSurfWatch Labs
 
Hr trends january_2016
Hr trends january_2016Hr trends january_2016
Hr trends january_2016Tom Haak
 
Infocon Bangladesh 2016
Infocon Bangladesh 2016Infocon Bangladesh 2016
Infocon Bangladesh 2016Prime Infoserv
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael Priyanka Aash
 
The Perspective of Today's Information Security Leader
The Perspective of Today's Information Security LeaderThe Perspective of Today's Information Security Leader
The Perspective of Today's Information Security LeaderRavila White
 
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...Pedro Henriques
 

Ähnlich wie Human factors in cybersecurity: Needs assessment (20)

Battle Tested Application Security
Battle Tested Application SecurityBattle Tested Application Security
Battle Tested Application Security
 
Towards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teamsTowards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teams
 
Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...
 
Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...
 
PostThe group of individuals with some expert abilities formed .docx
PostThe group of individuals with some expert abilities formed .docxPostThe group of individuals with some expert abilities formed .docx
PostThe group of individuals with some expert abilities formed .docx
 
Austin Bsides March 2016 Cyber Presentation
Austin Bsides March 2016 Cyber PresentationAustin Bsides March 2016 Cyber Presentation
Austin Bsides March 2016 Cyber Presentation
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
 
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOpsInfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
 
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital age
 
Dika model
Dika modelDika model
Dika model
 
Business Mindset.pdf
Business Mindset.pdfBusiness Mindset.pdf
Business Mindset.pdf
 
CounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementCounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat Management
 
Mis for class lecture 1 final
Mis for class lecture 1 finalMis for class lecture 1 final
Mis for class lecture 1 final
 
How to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceHow to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital Presence
 
Hr trends january_2016
Hr trends january_2016Hr trends january_2016
Hr trends january_2016
 
Security Analytics Beyond Cyber
Security Analytics Beyond CyberSecurity Analytics Beyond Cyber
Security Analytics Beyond Cyber
 
Infocon Bangladesh 2016
Infocon Bangladesh 2016Infocon Bangladesh 2016
Infocon Bangladesh 2016
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael
 
The Perspective of Today's Information Security Leader
The Perspective of Today's Information Security LeaderThe Perspective of Today's Information Security Leader
The Perspective of Today's Information Security Leader
 
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
 

Mehr von Rick van der Kleij

Cybercrime? Daarvoor is mijn bedrijf te klein!
Cybercrime? Daarvoor is mijn bedrijf te klein!Cybercrime? Daarvoor is mijn bedrijf te klein!
Cybercrime? Daarvoor is mijn bedrijf te klein!Rick van der Kleij
 
Organisatieslachtofferschap van cybercrime
Organisatieslachtofferschap van cybercrime Organisatieslachtofferschap van cybercrime
Organisatieslachtofferschap van cybercrime Rick van der Kleij
 
Cyberweerbaarheid mkb (SMEs) regio Den Haag
Cyberweerbaarheid mkb (SMEs) regio Den Haag Cyberweerbaarheid mkb (SMEs) regio Den Haag
Cyberweerbaarheid mkb (SMEs) regio Den Haag Rick van der Kleij
 
Human factors in cybersecurity
Human factors in cybersecurity Human factors in cybersecurity
Human factors in cybersecurity Rick van der Kleij
 
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)Rick van der Kleij
 
Wanneer veiligheid een service is (en wanneer niet)
Wanneer veiligheid een service is (en wanneer niet) Wanneer veiligheid een service is (en wanneer niet)
Wanneer veiligheid een service is (en wanneer niet) Rick van der Kleij
 
Social media for influence operations
Social media for influence operationsSocial media for influence operations
Social media for influence operationsRick van der Kleij
 
Opportunities for social media in a comprehensive approach
Opportunities for social media in a comprehensive approachOpportunities for social media in a comprehensive approach
Opportunities for social media in a comprehensive approachRick van der Kleij
 
Boundary spanning in military operations
Boundary spanning in military operationsBoundary spanning in military operations
Boundary spanning in military operationsRick van der Kleij
 
Coordinating across boundaries: The importance of members' personalities
Coordinating across boundaries: The importance of members' personalitiesCoordinating across boundaries: The importance of members' personalities
Coordinating across boundaries: The importance of members' personalitiesRick van der Kleij
 

Mehr von Rick van der Kleij (11)

Cybercrime? Daarvoor is mijn bedrijf te klein!
Cybercrime? Daarvoor is mijn bedrijf te klein!Cybercrime? Daarvoor is mijn bedrijf te klein!
Cybercrime? Daarvoor is mijn bedrijf te klein!
 
Organisatieslachtofferschap van cybercrime
Organisatieslachtofferschap van cybercrime Organisatieslachtofferschap van cybercrime
Organisatieslachtofferschap van cybercrime
 
Cyberweerbaarheid mkb (SMEs) regio Den Haag
Cyberweerbaarheid mkb (SMEs) regio Den Haag Cyberweerbaarheid mkb (SMEs) regio Den Haag
Cyberweerbaarheid mkb (SMEs) regio Den Haag
 
Human factors in cybersecurity
Human factors in cybersecurity Human factors in cybersecurity
Human factors in cybersecurity
 
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)
Verhogen effectiviteit cameratoezicht (svob kenniscafé 17 april 2014)
 
Wanneer veiligheid een service is (en wanneer niet)
Wanneer veiligheid een service is (en wanneer niet) Wanneer veiligheid een service is (en wanneer niet)
Wanneer veiligheid een service is (en wanneer niet)
 
Social media for influence operations
Social media for influence operationsSocial media for influence operations
Social media for influence operations
 
Landmacht 2.0 sociale media
Landmacht 2.0 sociale mediaLandmacht 2.0 sociale media
Landmacht 2.0 sociale media
 
Opportunities for social media in a comprehensive approach
Opportunities for social media in a comprehensive approachOpportunities for social media in a comprehensive approach
Opportunities for social media in a comprehensive approach
 
Boundary spanning in military operations
Boundary spanning in military operationsBoundary spanning in military operations
Boundary spanning in military operations
 
Coordinating across boundaries: The importance of members' personalities
Coordinating across boundaries: The importance of members' personalitiesCoordinating across boundaries: The importance of members' personalities
Coordinating across boundaries: The importance of members' personalities
 

Kürzlich hochgeladen

The Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfThe Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfGale Pooley
 
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual serviceanilsa9823
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptxFinTech Belgium
 
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...Pooja Nehwal
 
The Economic History of the U.S. Lecture 30.pdf
The Economic History of the U.S. Lecture 30.pdfThe Economic History of the U.S. Lecture 30.pdf
The Economic History of the U.S. Lecture 30.pdfGale Pooley
 
High Class Call Girls Nashik Maya 7001305949 Independent Escort Service Nashik
High Class Call Girls Nashik Maya 7001305949 Independent Escort Service NashikHigh Class Call Girls Nashik Maya 7001305949 Independent Escort Service Nashik
High Class Call Girls Nashik Maya 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdf20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdfAdnet Communications
 
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...Call Girls in Nagpur High Profile
 
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
The Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfThe Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfGale Pooley
 
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure service
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure serviceWhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure service
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure servicePooja Nehwal
 
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...Call Girls in Nagpur High Profile
 
The Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfThe Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfGale Pooley
 
Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...
Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...
Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...ssifa0344
 
Stock Market Brief Deck (Under Pressure).pdf
Stock Market Brief Deck (Under Pressure).pdfStock Market Brief Deck (Under Pressure).pdf
Stock Market Brief Deck (Under Pressure).pdfMichael Silva
 
The Economic History of the U.S. Lecture 23.pdf
The Economic History of the U.S. Lecture 23.pdfThe Economic History of the U.S. Lecture 23.pdf
The Economic History of the U.S. Lecture 23.pdfGale Pooley
 
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )Pooja Nehwal
 

Kürzlich hochgeladen (20)

The Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfThe Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdf
 
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx
 
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
 
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
 
The Economic History of the U.S. Lecture 30.pdf
The Economic History of the U.S. Lecture 30.pdfThe Economic History of the U.S. Lecture 30.pdf
The Economic History of the U.S. Lecture 30.pdf
 
High Class Call Girls Nashik Maya 7001305949 Independent Escort Service Nashik
High Class Call Girls Nashik Maya 7001305949 Independent Escort Service NashikHigh Class Call Girls Nashik Maya 7001305949 Independent Escort Service Nashik
High Class Call Girls Nashik Maya 7001305949 Independent Escort Service Nashik
 
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
 
20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdf20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdf
 
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
 
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
 
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
 
The Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfThe Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdf
 
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure service
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure serviceWhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure service
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure service
 
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
 
The Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfThe Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdf
 
Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...
Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...
Solution Manual for Financial Accounting, 11th Edition by Robert Libby, Patri...
 
Stock Market Brief Deck (Under Pressure).pdf
Stock Market Brief Deck (Under Pressure).pdfStock Market Brief Deck (Under Pressure).pdf
Stock Market Brief Deck (Under Pressure).pdf
 
The Economic History of the U.S. Lecture 23.pdf
The Economic History of the U.S. Lecture 23.pdfThe Economic History of the U.S. Lecture 23.pdf
The Economic History of the U.S. Lecture 23.pdf
 
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
 

Human factors in cybersecurity: Needs assessment

  • 1. SRP CYBER FOR FINANCIALS Human factors in cyber security | Rick van der Kleij, Dimitri Hehanussa & Reinder Wolthuis
  • 2.
  • 3. CYBER SECURITY PROFESSIONALS Innovating for Cyber Security Professionals Business state
  • 4. FOCUS ON PROFESSIONALS: ISSUES? Large component of knowledge work: creative problem solving Highly automated environment: human automation teaming Information overloaded environment/ big data problem (high number of potential false positives) ….. Question: How to improve the performance & functioning of the human elements in this challenging working enviroment? SRP Cyber for Financials
  • 5. NEEDS MODEL: INTERVIEWS IN 2017 Organization needs Team Performance needs Individual needs Instrumental needs 21 September 20175 | Computer Security Incident Response Teams Needs that pertain to Incident handling behavior or tangible outcomes, such as time to identification, or ability to remove threat Needs that pertain to the state of the team or level of team performance required for satisfactory functioning, such as team structure Needs that pertain to the individual’s abilities or attitudes, such as job satisfaction or team orientation Interventions or tools that are required to obtain a satisfactory level of functioning Van der Kleij, R. Kleinhuis, G., & Young, H. (2017). Computer Security Incident Response Team Effectiveness: A Needs Assessment. Frontiers in Psychology. doi: 10.3389/fpsyg.2017.02179
  • 6. ORGANISATION Innovating for Cyber Security Professionals • Problem solving capacity; • Measuring Effectiveness; • Coordination & information exchange; • Organizational learning
  • 7. TEAM Innovating for Cyber Security Professionals • Sharing information within team (e.g., between shifts & handovers); • Work in multiteams • Team awareness;
  • 8. INDIVIDUALS Innovating for Cyber Security Professionals • Acquire en keep personnel; • Competence management; • Decision making around incident (e.g., triage); • Balancing workload
  • 9. INSTRUMENTS Innovating for Cyber Security Professionals • Interpersonal communication tools; • Incident-reports; • Visual overviews for shared situation awareness;
  • 10. 10 | Computer Security Incident Response Teams Human state monitoring OTHER RELEVANT TOPICS?
  • 11. BOTTLENECKS RELATED TO HF RESEARCH? It’s about humans, so professionals, employees or customers need to be involved in the research Capacity and involvement is required Observations and interviews sometimes needed in practice, e.g., to gain detailed understanding of how analysts perform, how sensemaking takes place in practice, and what the issues are that relate to SOC- automation. Interventions eventually need to be tested in practice (human-in-the- loop) SRP Cyber for Financials
  • 12. THANK YOU FOR YOUR ATTENTION Take a look: TIME.TNO.NL

Hinweis der Redaktion

  1. Human factors in cyber security: professionals