Project Information

Project No: S-BMT-21-6 (LT08-2-LMT-K-01-051)
Project Leader: Dr. Agnė Brilingaitė
Project Duration: 01/01/2021 - 31/12/2023
Project Promoter: Vilnius University (Lithuania)

Summary

The world is experiencing a high demand for high-quality cybersecurity specialists due to an increasing number of cyber attacks and their technological advancement.

In the Baltic countries, the geopolitical situation sets cybersecurity as a top priority. All economic sectors depend on the protection against cybercrime. In more than 90% of cyber incidents, humans could be seen both as attack targets and defenders having a broad set of technical and generic competencies. There is an enormous lack of research regarding the role of human factors in cybersecurity internationally. The establishment of an international cross-disciplinary research team will address the urgent need for a scientific understanding of human limitations and capabilities in the cyber kill chain.

The three Baltic countries and their partners from Norway and Liechtenstein form a team to investigate human behaviour in cybersecurity by combining the research areas of computer science, psychology, and human genomics.

The project aims to develop a comprehensive, science-based interdisciplinary framework to develop and assess generic and subject-related competences of the current and future cybersecurity workforce. The data will be gathered based on the participants of international cybersecurity exercises. Risk assessment and educational components will be tested in the student environment. Statistical and data mining tools will be used to interpret multilayered data and to find correlations among genetic, behavioural, and technical skills under stressful conditions.

The project will result in the creation of a set of methodologies and tools that will include specific software components to gather and analyse data, self-report tools to collect factual data on social behavioural patterns, recommendations to consider specific biological marker information, a custom genotyping array, a methodology to develop and assess competencies, and the risk assessment process based on the joint interdisciplinary data.

Main Objectives

The main objective is to advance the performance of the cybersecurity (CS) specialist by identifying possible improvements from three different perspectives: by regarding the human as a biological entity, by analyzing behaviour patterns of the person, and by addressing the necessary knowledge and skills of the cybersecurity specialist.

The project is based on a hypothesis that it is possible to map cyber competencies required to solve cyber-crime, defend infrastructure, or be resilient to cyber-abuse and then to develop a rational competence improvement path for a CS specialist. When dealing with critical infrastructures or handling life mission-critical support systems, tools that enable the assessment of human traits or inherent risks are non-existent, or research components are not validated scientifically.

The envisioned results include:

  • Identification of key performance indicators in individual/team level training/exercises to develop an evidence base for a comprehensive assessment of cyber competences.
  • Development of methods to assess and predict the performance of a human in individual tasks and collaborative decision-making environments in cyberspace.
  • Development of specific tools to advance the performance of a human in learning to cope with challenges during stressful situations that require technological knowledge.

Funding

Advancing Human Performance in Cybersecurity is funded by a grant of almost €1 million from the Baltic Research Programme under the Financial Mechanism of the European Economic Area (Iceland, Liechtenstein and Norway). The objectives of the Baltic Research Programme are to consolidate the scientific potential of the Baltic States, Iceland, Liechtenstein and Norway, to strengthen regional cooperation in scientific research relevant to the countries of the region, and to fill the gap between national research funding and EU structural support.

Project Results

Most cyber incidents occur due to human error. Therefore, risk assessment strategies should consider digital assets and challenges that lead to risks due to individual human characteristics under certain conditions, e.g., in stressful situations during crises. The project’s initial paper [1] presented a theoretical ontology-based model as a basis for a human trait semantic network. The proof-of-concept prototype that was built combined artificial intelligence algorithms and psychological questionnaires to demonstrate existing links between human traits and cyber hygiene. Another paper [2] presents a holistic architecture to assess human traits and explains the links between the natural human and the digital self using the impulsivity trait as an example. We also deconstructed the stress factor as it is understood in the everyday setting of the cybersecurity specialist to emphasize the need for personalized training to build resilience against stress, as genetics influences the reaction to the environment’s triggers [3]. Therefore, in the project, the competence model of the trainee (see Figure) considers the trainee’s performance (behavior and results) under certain conditions with an impact of personal characteristics during a particular scenario that requires one to play a professional role and apply related competences [4].

The ADVANCES intervention mapping methodology [4],[5] supports the designed competence model. The methodology consists of three building blocks: competence model, course design process, and training environment [5].

The multidimensional approach that combines soft and hard skills, behavior, and cognitive aspects requires redesigning training methods and scenarios to involve trainees and stimulate their interest in cybersecurity [6],[7],[8]. For example, we demonstrated that a penetration testing course for military cadets with no prior technical skills could increase their interest in a cybersecurity career [6] if it was designed using the experiential learning paradigm, thus creating an additional professional development path. The developed CyberEscape approach [7] is based on a hybrid training environment with physical elements and virtual infrastructure to simulate the tasks of a Computer Security Incident Response Team (CSIRT). The execution results showed the approach’s value in increasing self-efficacy and engagement, stimulating critical thinking, and fostering collaboration and communication skills.

The project research scope involves an educational environment and professional training, i.e., cyber defense exercises. Thus, the ontology was developed to overcome the knowledge management gap [9]. Finally, we introduce the multidimensional approach for a cyber defense exercise based on the event cycle, stakeholders’ goals, and necessary social, emotional, and cognitive aspects [8]. The approach ensures psychological safety, motivation, and other event ingredients to achieve training goals.

Project information on partner websites

General Jonas Žemaitis Military Academy of Lithuania
Norwegian University for Technology and Science
Østfold University College
Riga Technical University
Tallinn University of Technology
University of Liechtenstein
Vidzeme University of Applied Sciences

References

[1] A. Jurevičienė, A. Brilingaitė, and L. Bukauskas, “Digital human in cybersecurity risk assessment,” in Augmented cognition - 15th international conference, AC, held as part of the 23rd HCI international conference, HCII, proceedings, in Lecture notes in computer science, vol. 12776. Springer, 2021, pp. 418–432. doi: 10.1007/978-3-030-78114-9_29.

[2] L. Ambrozaitytė, A. Brilingaitė, L. Bukauskas, I. Domarkienė, and T. Rančelis, “Human characteristics and genomic factors as behavioural aspects for cybersecurity,” in Augmented cognition - 15th international conference, AC, held as part of the 23rd HCI international conference, HCII, proceedings, in Lecture notes in computer science, vol. 12776. Springer, 2021, pp. 333–350. doi: 10.1007/978-3-030-78114-9_23.

[3] I. Domarkienė et al., “CyberGenomics: Application of behavioral genetics in cybersecurity,” Behavioral Sciences, vol. 11, no. 11, p. 15, 2021, doi: 10.3390/bs11110152.

[4] R. Pirta-Dreimane et al., “Application of intervention mapping in cybersecurity education design,” Frontiers in Education, vol. 7, p. 12, 2022, doi: 10.3389/feduc.2022.998335.

[5] R. Pirta-Dreimane, A. Brilingaitė, E. Roponena, and K. Parish, “Multi-dimensional cybersecurity education design: A case study,” in IEEE Intl. Conf. on Dependable, Autonomic and Secure Computing, Intl. Conf. on Pervasive Intelligence and Computing, Intl. Conf. on Cloud and Big Data Computing, Intl. Conf. on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech, IEEE, 2022, pp. 1–8. doi: 10.1109/DASC/PiCom/CBDCom/Cy55231.2022.9927931.

[6] A. Melnikovas, R. G. Lugo, K. Maennel, A. Brilingaitė, S. Sütterlin, and A. Juozapavičius, “Teaching pentesting to social sciences students using experiential learning techniques to improve attitudes towards possible cybersecurity careers,” in Proc. of the 22nd European Conference on Cyber Warfare and Security, Jun. 2023, pp. 294–302. doi: 10.34190/eccws.22.1.1145.

[7] R. Pirta-Dreimane et al., “CyberEscape approach to advancing hard and soft skills in cybersecurity education,” in Proc. of the 25th HCI International Conference, July 2023 (LNCS series), Springer, 2023, p. 19. Available: https://hdl.handle.net/11250/3051549

[8] K. Maennel et al., “A multidimensional cyber defense exercise: Emphasis on emotional, social, and cognitive aspects,” SAGE Open, vol. 13, no. 1, p. 12, 2023, doi: 10.1177/21582440231156367.

[9] G. Babayeva, K. Maennel, and O. M. Maennel, “Building an ontology for cyber defence exercises,” in IEEE European Symposium on Security and Privacy, EuroS&P, IEEE, 2022, pp. 423–432. doi: 10.1109/EuroSPW55150.2022.00050.

[10] G. Majore, L. Bukauskas, S. Sütterlin, and A. Brilingaitė, “Advancing Human Performance in Cybersecurity, ADVANCES,” RPE@CAiSE’23: Research Projects Exhibition at the International Conference on Advanced Information Systems Engineering, June 12–16, 2023, Zaragoza, Spain.