IJISC
  • Indexed in

  • Latest News

    December 30, 2024
    Volume 13, Issue 2 of the International Journal of Information Security and Cybercrime was published
    July 1, 2024
    Volume 13, Issue 1 of the International Journal of Information Security and Cybercrime was published
    December 27, 2023
    Volume 12, Issue 2 of the International Journal of Information Security and Cybercrime was published
  • --- More News ---
  • Popular Articles

  • Cyber Awareness Exercises: Virtual vs On-site Participation & the Hybrid Approach


    Author(s): ZACHARIS, Alexandros; JABES, Eloise; LELLA, Ifigenia; REKLEITIS, Evangelos

    Quick view | Full article | Citations | Views: 421


    Author(s) keywords: , , , , ,


    Reference keywords: , , ,


    Abstract:

    This paper examines the advantages and disadvantages of executing cyber awareness exercises in two different formats: Virtual vs On-site participation. Two EU Agencies, EUSPA and ENISA have organized in the previous years Cyber Awareness exercises; a very important tool to enhance and test the organization's ability to put up resistance and respond to different cyber threats. The objective of this paper is to compare the outcomes of these awareness exercises, executed on-site through physical attendance prior to 2019 and virtually, in a remote setup in 2020, due to the restrictions posed by the pandemic of COVID-19. ENISA in collaboration with EUSPA have accumulated raw and diverse data from the evaluation reports of the cyber events mentioned above. The comparison of these data will focus on the most important success factors of a cyber awareness exercise such as: participation, cooperation (social interaction/teambuilding), effectiveness, fun, tools and identify how the location of the participants affects them. The aim of this work is to highlight through statistical analysis the benefits of a hybrid approach to the exercise’s setup, once combining elements of both virtual and on-site. Depending on the different kind of exercises, such a hybrid setup, will provide more flexibility to an exercise organizer and help maximize effectiveness, while adapting to the fluctuating working regimes of the near future; namely Teleworking. Furthermore, a modular exercise design will be proposed in order to adapt to the location limitations without impacting negatively the rate of the rest of factors analyzed.



    References:

    [1]. T. Augustine and R. Dodge. Cyber Defense Exercise: Meeting Learning Objectives thru Competition. In Proceedings of the Colloquium for Information Systems Security Education (CISSE), 2006.
    [2]. A. D’Amico, L. Buchanan, J. Goodall, and P. Walczak. Mission Impact of Cyber Events: Scenarios and Ontology to Express the Relationships between Cyber Assets, Missions and Users. In Proceedings of the International Conference on Information Warfare and Security, Dayton, Ohio, April 2010.
    [3]. Jason Kick, Cyber Exercise Playbook, The MITRE Corporation, November 2014.
    [4]. ISO 22398:2013, Guidelines for exercises.
    [5]. ENISA, CERT Exercises Handbook.



    Additional Information

    Article Title: Cyber Awareness Exercises: Virtual vs On-site Participation & the Hybrid Approach
    Author(s): ZACHARIS, Alexandros; JABES, Eloise; LELLA, Ifigenia; REKLEITIS, Evangelos
    Date of Publication: 2021-12-28
    Publication: International Journal of Information Security and Cybercrime
    ISSN: 2285-9225 e-ISSN: 2286-0096
    Digital Object Identifier: 10.19107/IJISC.2021.02.04
    Issue: Volume 10, Issue 2, Year 2021
    Section: Studies and Analysis of Cybercrime Phenomenon
    Page Range: 31-36 (6 pages)



    Copyright ©2012-2025
    The International Journal of Information Security and Cybercrime (IJISC)

    All rights reserved
    The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
    No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.