Purpose Users’ mistakes due to poor cybersecurity skills result in up to 95 per cent of cyber threats to organizations. Threats to organizational information systems continue to result in substantial financial and intellectual property losses. This paper aims to design, develop and empirically test a set of scenarios-based hands-on tasks to measure the cybersecurity skills of non-information technology (IT) professionals. Design/methodology/approach This study was classified as developmental in nature and used a sequential qualitative and quantitative method to validate the reliability of the Cybersecurity Skills Index (CSI) as a prototype-benchmarking tool. Next, the prototype was used to empirically test the demonstrated observable hands-on skills level of 173 non-IT professionals. Findings The importance of skills and hands-on assessment appears applicable to cybersecurity skills of non-IT professionals. Therefore, by using an expert-validated set of cybersecurity skills and scenario-driven tasks, this study established and validated a set of hands-on tasks that measure observable cybersecurity skills of non-IT professionals without bias or the high-stakes risk to IT. Research limitations/implications Data collection was limited to the southeastern USA and while the sample size of 173 non-IT professionals is valid, further studies are required to increase validation of the results and generalizability. Originality/value The validated and reliable CSI operationalized as a tool that measures the cybersecurity skills of non-IT professionals. This benchmarking tool could assist organizations with mitigating threats due to vulnerabilities and breaches caused by employees due to poor cybersecurity skills.
Cyber threats have been growing with social engineering and business e-mail compromise reported as the two most rising penetration vectors. Advanced Persistent Threats (APTs) are penetration techniques that combine several approaches to gain access to organizational networks. Organizations need a team of skilled individuals to mitigate or prevent the complexity and seriousness of cyber threats such as APTs. A skill is defined as the combination of ability, knowledge, and experience to do something well. Therefore, cybersecurity skills correspond to individual’s ability, knowledge, and experience surrounding the hardware and software required to identify, protect, detect, respond, and recover against damage, unauthorized use, modification, and/or exploitation of cyber infrastructure. Moreover, a strong security posture cannot exist without individuals that possess high level of cybersecurity skills as cyber-attackers prejudice against all nationalities. Therefore, the importance to find individuals that use their cybersecurity skills for good is paramount. This paper presents an-in-depth discussion on the theoretical rationale for cybersecurity skills as the cornerstone of APTs and other cyber threat mitigation.
Aims Using a pragmatic approach, the LIRA‐PRIME trial aims to address a knowledge gap by comparing efficacy in controlling glycaemia with glucagon‐like peptide‐1 analog liraglutide vs oral antidiabetic drugs (OADs) in patients with type 2 diabetes (T2D) uncontrolled with metformin monotherapy in primary care practice. We report the study design and patient baseline characteristics. Materials and methods This 104‐week, two‐arm, open‐label, active‐controlled trial is active in 219 primary care practices across nine countries. At screening, eligible patients with T2D were at least 18 years of age, had been using a stable daily dose of metformin ≥1500 mg or the maximum tolerated dose for ≥60 days, and had a glycated haemoglobin (HbA1c) of 7.5% to 9.0%, measured ≤90 days before screening. Patients were randomized (1:1) to liraglutide or OAD, both in addition to pre‐trial metformin. Individual OADs were chosen by the treating physician based on local guidelines. The primary endpoint is time to inadequate glycaemic control, defined as HbA1c above 7.0% at two scheduled consecutive visits after the first 26 weeks of treatment. Results The trial randomized 1997 patients with a mean (standard deviation) age of 56.9 (10.8) years, T2D duration of 7.2 (5.9) years (range, <1‐47 years), and HbA1c of 8.2%. One‐fifth of patients had a history of diabetes complications, and most were overweight (24.8%) or had obesity (65.3%). Conclusions This pragmatically designed, large‐scale, multinational, randomized clinical trial will help guide treatment decisions for patients with T2D who are inadequately controlled with metformin monotherapy and treated in primary care.
Advanced Persistent Threats (APTs) have been growing with social engineering and corporate e-mail compromise reported as the two most penetration vectors to organizational networks. Historically, users (i.e., office assistants, managers, executives) have access to sensitive data and represent up to 95% of cybersecurity threats to organizations. This study addressed the problem of threats to organizational information systems (IS) due to vulnerabilities and breaches caused by employees. While in the past, only selected employees at the organization had access to the computer networks, with the proliferation of mobile devices almost all employees and vendors/contractors have access to the organizational networks. Computer and mobile device users are one of the weakest links in the cybersecurity chain, due to their limited cybersecurity skills (CySs). Over the years, the measures of CySs of computer users were based on self reported surveys or measured knowledge only. Prior IS and medical research found participants view scenarios as nonintrusive and unintimidating, while providing a realistic way to assess various situations from sexual harassment to chemical hazards. Therefore, this paper discusses the validation stage of a cybersecurity threats situational assessment tool that utilizes vignettes with observable hands-on tasks to measure and quantify CySs. Discussions and future research are also presented.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.