Easing the Burden of Security Self-Assessments
Schmitz, C.; Sekula, A.; Pape, S.; Pipek, V. and Rannenberg, K.
In 12th International Symposium on Human Aspects of Information Security & Assurance, HAISA 2018 ,Dundee, Scotland, August 29-31, 2018, Proceedings., 2018.Abstract
A web-based platform was developed to support the inter-organisational collaboration between small and medium-sized energy providers. Since critical infrastructures are subject to new security regulations in Germany, the platform particularly serves for the exchange of experience and for mutual support in information security. The focus of this work is the security self-assessment component. In order to ease the burden of going through a long questionnaire we have implemented small, motivating modules that are spread across the platform. The data entered is used for an individual risk assessment but also for a fine granular inter-organisational security benchmarking which builds a common added value for the entire community on the platform and strengthens the community building process. We implemented a prototype of the platform and evaluated the it in a focus group.
Bibtex
@InProceedings{SSPPR18haisa, author = {Christopher Schmitz and Andre Sekula and Sebastian Pape and Volkmar Pipek and Kai Rannenberg}, title = {Easing the Burden of Security Self-Assessments}, booktitle = {12th International Symposium on Human Aspects of Information Security {\&} Assurance, {HAISA} 2018 ,Dundee, Scotland, August 29-31, 2018, Proceedings.}, year = {2018}, doi = {X}, keywords = {SIDATE, security, critical infrastructures, security management}, url = {https://www.cscan.org/openaccess/?id=396}, }