A study of the cyber security awareness and use of protective cyber security practices in defence settings

Files

R_19_0017_Sherchan.pdf (2.29 MB)

Date

2018-07

Free to read from

Authors

Sherchan, Sundar

Supervisor/s

Smy, Victoria

Journal Title

Journal ISSN

Volume Title

Publisher

Department

Type

Thesis

ISSN

Format

URI

https://dspace.lib.cranfield.ac.uk/handle/1826/17123

Citation

Abstract

The UK Strategic Defence and Security Review (2015), places ‘cyber’ in the highest category tier-one risk. The threats from cyberspace is ever increasing as UK Armed Forces is becoming increasingly dependent on its’ information systems and networks for daily business processes. Hardware and software technological defences are effective tools to protect our systems and networks, nonetheless these defences are useless if humans operators allows attackers to maliciously exploit our systems through use of social engineering techniques. There is currently no measurement framework in the R SIGNALS or the Army to assess basic cyber awareness and behaviour of soldiers and officers and benchmarking user cyber awareness maturity state. In this study, the author creates an innovative measurement framework that is utilised to measure cyber security awareness and behaviour in the R SIGNALS. The framework is an extension and adaptation of the government NCSC infographics for basic cyber security protective practices which in this study is split into five themes for measuring awareness (device safety, device backup, phishing, password and malware) and one theme for behaviour. The research adopts a quantitative positivist approach with using a questionnaire to measure human cyber awareness and behaviour. Study of human psychology models in the literature indicates that factors such as awareness and subsequent attitudes have direct influences on human behaviour. Results after codification and statistical analysis confirmed that technical trades in the R SIGNALS has better awareness of device safety, malware and phishing while cyber training was directly related to user behaviour and awareness of device safety. Overall user awareness in the R SIGNALS was found to be at Integrated level out of the five levels in the Community Cyber Security Maturity Model. The measurement framework is not limited to application to R SIGNALS and has the utility for other corps and organisations within the Army. Key future research recommendations included adding an attitude scale to the framework and having the correct sample to represent population variation

Description

© Cranfield University 2020. All rights reserved. No part of this publication may be reproduced without the written permission of the copyright owner.

Software Description

Software Language

Github

Keywords

DOI

Rights

© Cranfield University, 2015. All rights reserved. No part of this publication may be reproduced without the written permission of the copyright holder.

Relationships

Relationships

Supplements

Funder/s

Collections

PhD, EngD and MSc by research theses (Cranfield Health)