Towards Projection of the Individualised Risk Assessment for the Cybersecurity Workforce
Computer Standards & Interfaces 2024
Agnė Brilingaitė, Linas Bukauskas, Ingrida Domarkienė, Tautvydas Rančelis, Laima Ambrozaitytė, Rūta Pirta, Ricardo G. Lugo, Benjamin J. Knox

In the era of global digitalisation, there is rapid development of services requiring cybersecurity resilience against adversarial actions. The demand for skilled cybersecurity professionals is at an all-time high, with over three million positions yet to be filled worldwide. Employers call for help to recruit and retain specialists as a stressful cybersecurity work environment increases the risk of insecure and non-compliant behaviour. Current training methodologies need to be revised to address this issue, underlining the need for a shift towards more individualised training methods to raise awareness about personal traits that impact professional conduct. This paper introduces a multi-disciplinary model that enables the personal trait triangulation of the cybersecurity specialist from three different perspectives: human genetics, psychology, and information and communication technology. The model offers a novel approach by incorporating a self-regulation feature, exemplified through impulsivity measured by the Barratt Impulsiveness Scale, and leveraging a web-based system for both psychological assessment and cybersecurity task completion. Pilot experimental data (n=48) was used for model building and proof of concept. The example demonstrates model potential in individual behaviour prognosis. It suggests its utility in tailoring training strategies that not only enhance cybersecurity performance but also aid in workforce retention by acknowledging and addressing the complex interplay of factors influencing daily cyber routines.


Keywords
Cybersecurity workforce, Individualised risk assessment, Self-regulation, Impulsivity trait, Genetic association, ICT skills
DOI
10.1016/j.csi.2024.103962
Hyperlink
https://www.sciencedirect.com/science/article/pii/S0920548924001314?via%3Dihub

Brilingaitė, A., Bukauskas, L., Domarkienė, I., Rančelis, T., Ambrozaitytė, L., Pirta, R., Lugo, R., Knox, B. Towards Projection of the Individualised Risk Assessment for the Cybersecurity Workforce. Computer Standards & Interfaces, 2024, Vol. 93, Article number 103962. ISSN 0920-5489. e-ISSN 1872-7018. Pieejams: doi:10.1016/j.csi.2024.103962

Publication language
English (en)
The Scientific Library of the Riga Technical University.
E-mail: uzzinas@rtu.lv; Phone: +371 28399196