The motivation for corporate leadership to engage with cyber risks is increasingly clear. Stories can be seen of cyber incidents which have crippled large-scale businesses, potentially for extended periods of time and at significant cost. Our contribution here explores a much under-researched area — perceptions of cybersecurity and cyber risk at the highest levels of an organisation — with the aim of developing a structured, scenario-driven and repeatable exercise for executive decision makers. We attempt to understand why cyber risk perception is an important concept but equally a challenging one to grasp. We address this by demonstrating an approach to risk articulation, in terms of systematically constructed scenarios, and assess whether this resonates with decision-makers. As part of this, we also attempt to assess cyber-risk decision-makers for their perception of wider business risks and stakeholders.
Scenario-Driven Assessment of Cyber Risk Perception at the Security Executive Level
Simon Parkin (TU Delft), Kristen Kuhn, Siraj Ahmed Shaikh (Coventry University)
View More Papers
OblivSketch: Oblivious Network Measurement as a Cloud Service
Shangqi Lai (Monash University), Xingliang Yuan (Monash University), Joseph K. Liu (Monash University), Xun Yi (RMIT University), Qi Li (Tsinghua...
Read MoreHERA: Hotpatching of Embedded Real-time Applications
Christian Niesler (University of Duisburg-Essen), Sebastian Surminski (University of Duisburg-Essen), Lucas Davi (University of Duisburg-Essen)
Read MoreIoTSafe: Enforcing Safety and Security Policy with Real IoT...
Wenbo Ding (Clemson University), Hongxin Hu (University at Buffalo), Long Cheng (Clemson University)
Read MoreVision-Based Two-Factor Authentication & Localization Scheme for Autonomous Vehicles
Anas Alsoliman, Marco Levorato, and Qi Alfred Chen (UC Irvine)
Read More