Dissertation/Thesis Abstract

Rethinking Existing Cybersecurity Frameworks: How to Incentivise Companies to Better Defend against Cyber Threats
by Wang, BaoFa, M.S., University of London, Royal Holloway, University of London (United Kingdom), 2020, 106; 28087173
Abstract (Summary)

Cybersecurity frameworks mandate a large set of security requirements and controls towards compliance and certification. However, this creates a false impression that if companies were to follow the recommended steps mentioned within the frameworks, they are guaranteed to be safe from cyberattacks. Additionally, there are overlapping general security controls and concepts within these frameworks and organizations looking to demonstrate an active cybersecurity program spend unnecessary resources on duplicate security controls.

Findings from the data collected showed that a majority of the participants had experience and the perceived knowledge in the implementation of cybersecurity frameworks within their organizations. The participants also provided their views on the benefits, concerns and improvements on the implementation of cybersecurity frameworks. While respective participant’s views and opinions were limited to their own experience and biases, the overall messages conveyed were similar in that cybersecurity frameworks could be used as tools to achieve compliance with various regulations and legislation requirements, but there was still room for improvement. Concerns highlighted by participants included a false sense of security, lack of applicability and implementation details, absence of common lexicon to provide a common language for existing frameworks, and the absence of regular updates and revisions to existing frameworks.

The purpose of this project is to provide an analysis through questionnaires and focus group discussions by comparing the different cybersecurity frameworks currently in practice and using the data collected to propose approaches to improve existing frameworks. The result of this study aims to further guide practitioners and researchers to understand the strengths and weaknesses of existing cybersecurity frameworks and aid future research.

Indexing (document details)
Advisor: Happa, Jassim
School: University of London, Royal Holloway, University of London (United Kingdom)
Department: Information Technology
School Location: England
Source: MAI 82/3(E), Masters Abstracts International
Subjects: Information Technology, Computer science, Computer Engineering, Business administration
Keywords: Cybersecurity, Cybersecurity frameworks, Framework, Frameworks, Information security, Information security frameworks
Publication Number: 28087173
ISBN: 9798672128177
Copyright © 2021 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy