Developing a security behavioural assessment approach for cyber rating UK MSBs

Andrew Rae; Asma Patel

doi:10.1109/CyberSecurity49315.2020.9138893

Developing a security behavioural assessment approach for cyber rating UK MSBs

Research output: Chapter in Book/Published conference output › Conference publication

Abstract

Micro and small businesses account for over 99% of all businesses in the United Kingdom (UK). Still, a growing perception gap is how these businesses perceive the relevance and value of cyber security and the potential impacts from this. Recent studies by the UK government have shown a significant increase in the average cost to these smaller businesses after suffering a disruptive attack. Yet, their engagement with recognised standards and best practices is still relatively low. This paper aims to evaluate current behavioural models in the context of information security and develop a new influence-led approach to help ensure smaller businesses are both cyber ready and secure behaviours can be promoted. For this purpose, new engagement channels are identified and methods are developed to drive inferential and influencing factors for effective behaviour change.

Original language	English
Title of host publication	2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)
Publisher	IEEE
Number of pages	8
ISBN (Electronic)	9781728164281
ISBN (Print)	9781728164298
DOIs	https://doi.org/10.1109/CyberSecurity49315.2020.9138893
Publication status	Published - Jun 2020

Keywords

Computer Crime
Information security
behavioural analytics
Risk management
Cybercrime
micro and small businesses
Cyber security awareness
Governance

Access to Document

10.1109/CyberSecurity49315.2020.9138893

Cite this

@inproceedings{42b291fa7ab3476cafbda415bced0db1,

title = "Developing a security behavioural assessment approach for cyber rating UK MSBs",

abstract = "Micro and small businesses account for over 99% of all businesses in the United Kingdom (UK). Still, a growing perception gap is how these businesses perceive the relevance and value of cyber security and the potential impacts from this. Recent studies by the UK government have shown a significant increase in the average cost to these smaller businesses after suffering a disruptive attack. Yet, their engagement with recognised standards and best practices is still relatively low. This paper aims to evaluate current behavioural models in the context of information security and develop a new influence-led approach to help ensure smaller businesses are both cyber ready and secure behaviours can be promoted. For this purpose, new engagement channels are identified and methods are developed to drive inferential and influencing factors for effective behaviour change.",

keywords = "Computer Crime, Information security, behavioural analytics, Risk management, Cybercrime, micro and small businesses, Cyber security awareness, Governance",

author = "Andrew Rae and Asma Patel",

year = "2020",

month = jun,

doi = "10.1109/CyberSecurity49315.2020.9138893",

language = "English",

isbn = "9781728164298",

booktitle = "2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)",

publisher = "IEEE",

address = "United States",

}

TY - GEN

T1 - Developing a security behavioural assessment approach for cyber rating UK MSBs

AU - Rae, Andrew

AU - Patel, Asma

PY - 2020/6

Y1 - 2020/6

N2 - Micro and small businesses account for over 99% of all businesses in the United Kingdom (UK). Still, a growing perception gap is how these businesses perceive the relevance and value of cyber security and the potential impacts from this. Recent studies by the UK government have shown a significant increase in the average cost to these smaller businesses after suffering a disruptive attack. Yet, their engagement with recognised standards and best practices is still relatively low. This paper aims to evaluate current behavioural models in the context of information security and develop a new influence-led approach to help ensure smaller businesses are both cyber ready and secure behaviours can be promoted. For this purpose, new engagement channels are identified and methods are developed to drive inferential and influencing factors for effective behaviour change.

AB - Micro and small businesses account for over 99% of all businesses in the United Kingdom (UK). Still, a growing perception gap is how these businesses perceive the relevance and value of cyber security and the potential impacts from this. Recent studies by the UK government have shown a significant increase in the average cost to these smaller businesses after suffering a disruptive attack. Yet, their engagement with recognised standards and best practices is still relatively low. This paper aims to evaluate current behavioural models in the context of information security and develop a new influence-led approach to help ensure smaller businesses are both cyber ready and secure behaviours can be promoted. For this purpose, new engagement channels are identified and methods are developed to drive inferential and influencing factors for effective behaviour change.

KW - Computer Crime

KW - Information security

KW - behavioural analytics

KW - Risk management

KW - Cybercrime

KW - micro and small businesses

KW - Cyber security awareness

KW - Governance

UR - https://ieeexplore.ieee.org/document/9138893

U2 - 10.1109/CyberSecurity49315.2020.9138893

DO - 10.1109/CyberSecurity49315.2020.9138893

M3 - Conference publication

SN - 9781728164298

BT - 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)

PB - IEEE

ER -

Developing a security behavioural assessment approach for cyber rating UK MSBs

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this