Scenario-Driven Assessment of Cyber Risk Perception at the Security Executive Level

Simon Parkin, Kristen Kuhn, Siraj Shaikh

    Research output: Chapter in Book/Report/Conference proceedingConference proceedingpeer-review

    150 Downloads (Pure)

    Abstract

    The motivation for corporate leadership to engage with cyber risks is increasingly clear. Stories can be seen of cyber incidents which have crippled large-scale businesses, potentially for extended periods of time and at significant cost. Our contribution here explores a much under-researched area — perceptions of cybersecurity and cyber risk at the highest levels of an organisation — with the aim of developing a structured, scenario-driven and repeatable exercise for executive decisionmakers. We attempt to understand why cyber risk perception is an important concept but equally a challenging one to grasp. We address this by demonstrating an approach to risk articulation, in terms of systematically constructed scenarios, and assess whether this resonates with decision-makers. As part of this, we also attempt to assess cyber-risk decision-makers for their perception of wider business risks and stakeholders.
    Original languageEnglish
    Title of host publicationWorkshop on Usable Security and Privacy (USEC) 2021
    Pages(In-Press)
    Publication statusPublished - 7 May 2021
    EventWorkshop on Usable Security and Privacy - Virtual, Auckland, New Zealand
    Duration: 7 May 20217 May 2021
    http://www.usablesecurity.net/USEC/usec21/

    Workshop

    WorkshopWorkshop on Usable Security and Privacy
    Abbreviated titleUSEC 2021
    Country/TerritoryNew Zealand
    CityAuckland
    Period7/05/217/05/21
    Internet address

    Fingerprint

    Dive into the research topics of 'Scenario-Driven Assessment of Cyber Risk Perception at the Security Executive Level'. Together they form a unique fingerprint.

    Cite this