Direkt zum Inhalt
Universität Regensburg
DE : this page in English

Glas, Magdalena ; Messmann, Gerhard ; Pernul, Günther

Complex yet attainable? An interdisciplinary approach to designing better cyber range exercises

Glas, Magdalena , Messmann, Gerhard und Pernul, Günther (2024) Complex yet attainable? An interdisciplinary approach to designing better cyber range exercises. Computers & Security 144, S. 103965.

Veröffentlichungsdatum dieses Volltextes: 02 Jul 2024 05:29
Artikel
DOI zum Zitieren dieses Dokuments: 10.5283/epub.58556

[img]Veröffentlichte Version
Download ( PDF | 880kB)		Lizenz: Creative Commons Namensnennung-NichtKommerziell 4.0 International

Zusammenfassung

The global shortage of cybersecurity professionals poses a daunting challenge for organizations seeking to protect their assets and data. To counteract this workforce shortage, cyber range exercises (CRXs) can equip individuals with the necessary knowledge and skills to become security professionals. However, the complexity of CRXs tends to overwhelm trainees with little prior cybersecurity ...

The global shortage of cybersecurity professionals poses a daunting challenge for organizations seeking to protect their assets and data. To counteract this workforce shortage, cyber range exercises (CRXs) can equip individuals with the necessary knowledge and skills to become security professionals. However, the complexity of CRXs tends to overwhelm trainees with little prior cybersecurity experience, resulting in ineffective learning experiences. To address this issue, we take an interdisciplinary approach, leveraging established models on learning and motivation for cybersecurity. In this pursuit, we propose a literature-based framework of six design principles that aim to facilitate CRX designers in creating more effective CRXs. To illustrate the framework’s utility, we introduce a CRX for incident response built upon these principles. To evaluate the effectiveness of this principle-driven CRX design, we conducted a user study with participants. The results of this study showed that the design provided an engaging learning experience that enabled participants to effectively acquire incident response knowledge and skills.

Alternative Links zum Volltext

Beteiligte Einrichtungen

Details

DokumentenartArtikel
Titel eines Journals oder einer ZeitschriftComputers & Security
Verlag:Elsevier
Band:144
Seitenbereich:S. 103965
Datum25 Juni 2024
InstitutionenWirtschaftswissenschaften > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul)
Informatik und Data Science > Fachbereich Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul)
Identifikationsnummer
WertTyp
10.1016/j.cose.2024.103965DOI
Verwandte URLs
URLURL Typ
https://github.com/InstruCRXZusätzliches Material / Supplementary Material
Stichwörter / KeywordsCyber range, Authentic learning, Cybersecurity exercise, Instructional design, Cyber defense exercise
Dewey-Dezimal-Klassifikation000 Informatik, Informationswissenschaft, allgemeine Werke > 004 Informatik
300 Sozialwissenschaften > 330 Wirtschaft
StatusVeröffentlicht
BegutachtetJa, diese Version wurde begutachtet
An der Universität Regensburg entstandenJa
URN der UB Regensburgurn:nbn:de:bvb:355-epub-585563
Dokumenten-ID58556

Bibliographische Daten exportieren

Hochladedatum:02 Jul 2024 05:29/Metadaten zuletzt geändert: 20 Jan 2025 11:16

Nur für Besitzer und Autoren: Kontrollseite des Eintrags
Downloadstatistik

Downloadstatistik

Altmetric

Alternative Statistik (altmetrics)

Weitere Literatur (mittels CORE)

Weitere Literatur (mittels CORE)

nach oben