Abstract
Cyberattacks continue to pose significant threats and damages across a wide range of sectors. The main problem that causes this lies in the misinterpretation of the implementation of cybersecurity frameworks, as they often rely too much on technology as the primary solution and neglect human factors, resulting in their implementation not being agile or dynamic. This study critically evaluates existing cybersecurity frameworks and introduces a new approach, an agile cybersecurity framework that integrates organizational culture. Utilizing the Q methodology, this study determined the core components and processes of a reconstructed cybersecurity framework based on inputs from a Systematic Literature Review and expert views. The results revealed five core components: Security Governance, Risk Management, Incident Management, Security Technology and Organizational Culture. The agile method adopted is a combination of the Dynamic System Development Model (DSDM) and Feature Driven Development (FDD). The framework is expected to improve the agility of cybersecurity implementation, optimize human factors in the organization to better mitigate cyberattacks, and reduce their potential impact.
Original language | English |
---|---|
Pages (from-to) | 1 |
Number of pages | 1 |
Journal | IEEE Access |
Volume | 12 |
DOIs | |
Publication status | Accepted/In press - 2024 |
Keywords
- agile computing
- Agile software development
- Computer security
- cyber security
- cybersecurity
- Electronic government
- framework
- Human factors
- Information security
- methodology
- NIST
- organizational culture
- Security
- Systematics