2021

Security and Defence Quarterly

Rocznik: 2021 | Tom: vol. 33 | Numer: no. 1

artykuł naukowy

angielski

EN The public service sector is a key target of cyberattacks. In order to prevent and effectively tackle such attacks, organisations should continuously develop their defence capabilities. As part of developing such capabilities, public service cybersecurity training is required to teach students about cyberattacks. The present study uses quantitative research techniques including (i) how to identify key requirements for the practical aspects of public service cybersecurity training and (ii) sampling to utilise international best practices from cybersecurity education and conceptual architectures from existing public service organisations. A schematic structure with a two-level practical training course is proposed. On the first level, the students learn about the defence mechanisms of their own info-communication devices and try to prevent attacks in a simulated environment. On the second level, the students apply protection strategies against cyberattacks in organisational infrastructure. Finally, a technical framework is defined to simulate cyberattacks against (a) personal devices and (b) a fictional organisational infrastructure. The specification of a public service cybersecurity training programme should not only focus on theoretical education but also provide practical knowledge to students. By simulating specific attacks, theoretical and practical knowledge can be combined. As a result, students will be able to recognise threats and potential risks from cyberspace.

19.03.2021

87 - 104

https://doi.org/10.35467/sdq/132026

https://securityanddefence.pl/Simulation-framework-for-practical-cyber-security-training-in-the-public-service,132026,0,2.html

CC BY (uznanie autorstwa)

otwarte czasopismo

ostateczna wersja opublikowana

19.03.2021

w momencie opublikowania

70

70