Simulation framework for practical cyber security training in the public service
[ 1 ] Doctoral School of Military Engineering, National University of Public Service, 2 Ludovika tér, H-1083, Budapest, Hungary
2021
artykuł naukowy
angielski
- Simulation framework
- Cyber security
- Cyber security education
- Practical training
- Public service
EN The public service sector is a key target of cyberattacks. In order to prevent and effectively tackle such attacks, organisations should continuously develop their defence capabilities. As part of developing such capabilities, public service cybersecurity training is required to teach students about cyberattacks. The present study uses quantitative research techniques including (i) how to identify key requirements for the practical aspects of public service cybersecurity training and (ii) sampling to utilise international best practices from cybersecurity education and conceptual architectures from existing public service organisations. A schematic structure with a two-level practical training course is proposed. On the first level, the students learn about the defence mechanisms of their own info-communication devices and try to prevent attacks in a simulated environment. On the second level, the students apply protection strategies against cyberattacks in organisational infrastructure. Finally, a technical framework is defined to simulate cyberattacks against (a) personal devices and (b) a fictional organisational infrastructure. The specification of a public service cybersecurity training programme should not only focus on theoretical education but also provide practical knowledge to students. By simulating specific attacks, theoretical and practical knowledge can be combined. As a result, students will be able to recognise threats and potential risks from cyberspace.
19.03.2021
87 - 104
CC BY (uznanie autorstwa)
otwarte czasopismo
ostateczna wersja opublikowana
19.03.2021
w momencie opublikowania
publiczny
70
70