Jerry Andriessen (editor) - Cybersecurity Awareness (Advances in Information Security, 88)

The purpose of the Advances in Information Security book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer, network security, and cryptography, but related areas, such as fault tolerance and software assurance. The series serves as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook.

This Springer imprint is published by the registered company Springer Nature Switzerland AG

The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland

Cybersecurity is one of todays most challenging security problems for commercial companies, NGOs, governmental institutions as well as individuals. Reaching beyond the technology-focused boundaries of classical information technology (IT) security, cybersecurity includes organizational and behavioral aspects of IT systems and needs to comply to legal and regulatory frameworks for cybersecurity. While large corporations might have the resources to follow those developments and bring their IT infrastructure and services in line with the requirements, the burden for smaller organizations like local public administrations will be substantial and the required resources might not be available. New and innovative solutions that will help local public administration to ease the burden of being in line with cybersecurity requirements are needed.

In this book, we present the design of a generic socio-technical framework for cybersecurity awareness in the organizational context, building on and contributing to the European multi-level cooperative/collaborative cybersecurity approach laid out by the 2013 European Cybersecurity Strategy and reinforced by the 2020 update to this strategy. The framework is designed to both capture the socio-technical cybersecurity requirements within an organization and provides the technical capabilities for real-time monitoring of those requirements against the local organizational context, as well as against the continuously changing cybersecurity landscape. The framework also includes technical and socio-technical measures to prevent or mitigate detected cybersecurity issues in an open and collaborative way, using artificial intelligence mechanisms (AI) to derive optimal strategies for addressing cybersecurity issues in individual organizational contexts.

The book details the implementation strategy for the framework, following modular design and agile implementation techniques in order to be able to deal on the one hand with the complexities of implementing a coherent solution in the multi-stakeholder European research project context, but on the other hand to account for the incredibly fast-changing cybersecurity environment, which requires a flexible solution in order to remain effective and efficient in the long term. This strategy has allowed SMEs from all over Europe to collaborate on the implementation and of the framework, resulting in an integrated platform that is flexible in its deployment in all possible organizational contexts, while at the same time providing a coherent and intuitive user experience.

One of the strong points of the CS-AWARE framework and platform is its conceptual and operational integration within the (currently still developing) European cooperative and collaborative cybersecurity legislation, as outlined by the 2013/2020 European Cybersecurity Strategy that is gradually implemented via, for example, the network and information security (NIS) directive, or the general data protection legislation (GDPR). In its legislative efforts, the EU has recognized that the complexities of cybersecurity can only be addressed through strong cooperation/collaboration between actors and stakeholders of different sectors critical to society and economy (including their supply chains), and mechanisms need to be created to facilitate this collaboration on a national, European, and global level. But cooperation starts locally, within individual organizations that are the ones at the front lines, with their systems getting attacked and compromised by cyber-criminal activity.

The CS-AWARE framework recognizes the importance of individual organizations being actively involved in the cooperative/collaborative efforts of the European multi-level cybersecurity approach. The framework provides mechanisms for organizations to benefit from this collaboration through utilization of cyber intelligence created by relevant actors like CERTs/CSIRTs. CS-AWARE also contributes to this cyber intelligence through the abilities to share information and evidence about cyber incidents with relevant stakeholders in an effort to allow them to create more precise intelligence about new and on-going cyber threats.